...

/

Mounting Generic Secrets

Mounting Generic Secrets

Learn to mount generic Secrets to secure the deployed Jenkins.

Looking into the definition

Let’s see how we can mount the Secret we created. For this, let’s see an updated definition of jenkins.yml. The definition (limited to the relevant parts) is as follows:

Press + to interact
apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins
spec:
...
template:
...
spec:
containers:
- name: jenkins
image: vfarcic/jenkins
env:
- name: JENKINS_OPTS
value: --prefix=/jenkins
volumeMounts:
- name: jenkins-home
mountPath: /var/jenkins_home
- name: jenkins-creds
mountPath: /etc/secrets
volumes:
- name: jenkins-home
emptyDir: {}
- name: jenkins-creds
secret:
secretName: my-creds
defaultMode: 0444
items:
- key: username
path: jenkins-user
- key: password
path: jenkins-pass
...
  • Lines 19–20: We add jenkins-creds which mounts the /etc/secrets directory.

  • Lines 24–26: The jenkins-creds volume references the Secret named my-creds. ...