Commit e9d5de44 authored by Pierre Smeyers's avatar Pierre Smeyers
Browse files

Merge branch '41-missing-curl-or-wget-for-vault-alternative' into 'master' 

Resolve "Missing curl or wget for vault alternative"

Closes #41

See merge request to-be-continuous/kubernetes!76
parents 10144433 bb2e48fa

README.md

+11 −0
Original line number Diff line number Diff line
@@ -491,6 +491,14 @@ Here are its parameters: 


This variant allows delegating your secrets management to a [Vault](https://www.vaultproject.io/) server.



#### :warning: Change default `K8S_KUBECTL_IMAGE`



The Vault variant requires `curl` or `wget` to retrieve secrets from the Vault server, which makes it incompatible with the

[default `K8S_KUBECTL_IMAGE` from Bitnami](https://bitnami.com/stack/kubectl/containers), as `curl` and `wget` are no longer part of it.



As a result, when using the Vault variant, you'll have to select a `K8S_KUBECTL_IMAGE` that - in addition to `kubectl` - contains `curl` or `wget`.

For instance [container-oc](https://github.com/appuio/container-oc) images (see example below).



#### Configuration



In order to be able to communicate with the Vault server, the variant requires the additional configuration parameters:
@@ -524,6 +532,9 @@ With: 
include:

  # main template

  - component: gitlab.com/to-be-continuous/kubernetes/gitlab-ci-k8s@6.1.0

    inputs:

      # ⚠ oc-container image (includes required curl)

      kubectl-image: registry.hub.docker.com/docker.io/appuio/oc:v4.14

  # Vault variant

  - component: gitlab.com/to-be-continuous/kubernetes/gitlab-ci-k8s-vault@6.1.0

    inputs: