1
0
mirror of https://codeberg.org/crowci/crow.git synced 2025-08-07 20:23:03 +03:00

K8s secrets reference from step (#3655)

This commit is contained in:
Thomas Anderson
2024-06-23 19:20:21 +03:00
committed by GitHub
parent 4987fefba0
commit 7bc38a1d8b
9 changed files with 607 additions and 29 deletions

View File

@@ -65,6 +65,7 @@ type config struct {
PodNodeSelector map[string]string
ImagePullSecretNames []string
SecurityContext SecurityContextConfig
NativeSecretsAllowFromStep bool
}
type SecurityContextConfig struct {
RunAsNonRoot bool
@@ -97,6 +98,7 @@ func configFromCliContext(ctx context.Context) (*config, error) {
SecurityContext: SecurityContextConfig{
RunAsNonRoot: c.Bool("backend-k8s-secctx-nonroot"), // cspell:words secctx nonroot
},
NativeSecretsAllowFromStep: c.Bool("backend-k8s-allow-native-secrets"),
}
// TODO: remove in next major
if len(config.ImagePullSecretNames) == 1 && config.ImagePullSecretNames[0] == "regcred" {