Thanks Jordan, I thought they expire. That fixes issue with kubernetes plugin in Jenkins which use the service account token.
On Thu, Feb 11, 2016 at 4:24 PM, Jordan Liggitt <[email protected]> wrote: > The service account token is non-expiring. > > On Thu, Feb 11, 2016 at 10:10 AM, Gabe Montero <[email protected]> > wrote: > >> Michal is correct regarding the default secret used, and afaik expiration >> of the token associated with that secret. >> >> Creation of the project, updating of the project''s policy to allow edit >> capabilities as documented on the jenkins example page ( >> https://github.com/openshift/origin/tree/master/examples/jenkins) are >> currently required to be done external from the plugin before using it, but >> if it helps you at all you can create the build config from the plugin >> using the "create resources in openshift" step. >> >> On Thu, Feb 11, 2016 at 5:14 AM, Michal Fojtik <[email protected]> >> wrote: >> >>> Hi Lorenz, >>> >>> The plugin should automatically pickup the /var/run/secrets/ >>> kubernetes.io/.. token that is mounted in. >>> However, that token has expiration set to 24h AFAIK, so you will have to >>> extended that. >>> >>> CC'ing Gabe. >>> >>> On Thu, Feb 11, 2016 at 10:11 AM, Lorenz Vanthillo < >>> [email protected]> wrote: >>> >>>> Hi, >>>> >>>> We're busy with Jenkins on OpenShift (an experimental fase). We're >>>> trying to use the new plugins for it. >>>> Our environment is running on Centos and its version 3.1. >>>> We've installed a Jenkinsserver and we've made it persistent using NFS. >>>> We're with 2 issues at the moment. >>>> >>>> At the moment we've 2 steps: Perform a build and Trigger a deployment. >>>> - This is only working when the Project and buildconfig already exists. >>>> So our first build is on OpenShift itself. But actually we want to perform >>>> that on Jenkins using those plugins. >>>> - What "authorization token for interacting with OpenShift" do we have >>>> to fill in? At the moment we're using the token we've generated after: >>>> 'oc whoami -t' with our admin-user (=cluster-admin). But we don't think >>>> that's the right approach? >>>> >>>> Thanks >>>> >>>> _______________________________________________ >>>> users mailing list >>>> [email protected] >>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users >>>> >>>> >>> >> >> _______________________________________________ >> users mailing list >> [email protected] >> http://lists.openshift.redhat.com/openshiftmm/listinfo/users >> >> >
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
