bstein/titan-iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

jenkins: escape vault env values

Browse Source
This commit is contained in:
Brad Stein 2026-01-14 17:53:09 -03:00
parent bb9a4e6d8b
commit 4ff2f3e889
1 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
services/jenkins/deployment.yaml
View File

@ -23,20 +23,20 @@ spec:
vault.hashicorp.com/agent-inject-secret-jenkins-env: "kv/data/atlas/jenkins/jenkins-oidc"
vault.hashicorp.com/agent-inject-template-jenkins-env: |
{{- with secret "kv/data/atlas/jenkins/jenkins-oidc" -}}
export OIDC_CLIENT_ID="{{ .Data.data.clientId }}"
export OIDC_CLIENT_SECRET="{{ .Data.data.clientSecret }}"
export OIDC_AUTH_URL="{{ .Data.data.authorizationUrl }}"
export OIDC_TOKEN_URL="{{ .Data.data.tokenUrl }}"
export OIDC_USERINFO_URL="{{ .Data.data.userInfoUrl }}"
export OIDC_LOGOUT_URL="{{ .Data.data.logoutUrl }}"
export OIDC_CLIENT_ID='{{ .Data.data.clientId | replace "'" "'\"'\"'" }}'
export OIDC_CLIENT_SECRET='{{ .Data.data.clientSecret | replace "'" "'\"'\"'" }}'
export OIDC_AUTH_URL='{{ .Data.data.authorizationUrl | replace "'" "'\"'\"'" }}'
export OIDC_TOKEN_URL='{{ .Data.data.tokenUrl | replace "'" "'\"'\"'" }}'
export OIDC_USERINFO_URL='{{ .Data.data.userInfoUrl | replace "'" "'\"'\"'" }}'
export OIDC_LOGOUT_URL='{{ .Data.data.logoutUrl | replace "'" "'\"'\"'" }}'
{{- end }}
{{- with secret "kv/data/atlas/jenkins/harbor-robot-creds" -}}
export HARBOR_ROBOT_USERNAME="{{ .Data.data.username }}"
export HARBOR_ROBOT_PASSWORD="{{ .Data.data.password }}"
export HARBOR_ROBOT_USERNAME='{{ .Data.data.username | replace "'" "'\"'\"'" }}'
export HARBOR_ROBOT_PASSWORD='{{ .Data.data.password | replace "'" "'\"'\"'" }}'
{{- end }}
{{- with secret "kv/data/atlas/jenkins/gitea-pat" -}}
export GITEA_PAT_USERNAME="{{ .Data.data.username }}"
export GITEA_PAT_TOKEN="{{ .Data.data.token }}"
export GITEA_PAT_USERNAME='{{ .Data.data.username | replace "'" "'\"'\"'" }}'
export GITEA_PAT_TOKEN='{{ .Data.data.token | replace "'" "'\"'\"'" }}'
{{- end -}}
spec:
serviceAccountName: jenkins