can someone help me? I have a repository having some YAML files like deployment_app.yaml, and a secret object. the pod inside the deployment_file must read the secret object during the deployment process and I wanna save the secret object into a git secret but I also still want to let the deployment file be able to read the secret object once the deployment, how can I do it?
Asked
Active
Viewed 103 times
1 Answers
0
Here's how it can be done, from the documentation of git secret. Read the docs here.
Basically you will have to create a new key-pair in your CI that will be used to decrypt the Git secret during deployment.
zer0
- 2,153
- 10
- 12
-
cant i done it from the website directly ? – ask stack Jul 21 '22 at 22:14
-
No. Your secret is an encrypted file inside your repository. When the repository is cloned in the CI, the CI has no idea how to decrypt the secret you've added using the `git-secret` bash tool on your laptop. – zer0 Jul 21 '22 at 22:16
-
i meant that i can add the secret file from github website to the repo directly ? like from settings > secrets ? – ask stack Jul 21 '22 at 22:21
-
No, those tokens are to establish communication between your development machine and your GitHub profile, they are not related to your deployments. – zer0 Jul 21 '22 at 22:26
-
1ok i will try and back to u, tnx ^^ – ask stack Jul 21 '22 at 23:44
-
its changing the extension of the yaml file with .secret and i cant deploy it, any good way ? – ask stack Jul 22 '22 at 17:17