Use Custom Secrets in Helm Installation
Store encrypted credentials in JFrog Helm deployments using Kubernetes secrets via customSecrets in values.yaml.
Kubernetes Secrets encrypt and store sensitive data such as credentials. To add a custom secret for use in a custom init or sidecar container, use the customSecrets section in the values.yaml file (commented out by default).
Artifactory
artifactory:
# Add custom secrets - secret per file
customSecrets:
- name: custom-secret
key: custom-secret.yaml
data: >
secret dataXray
common:
# Add custom secrets - secret per file
customSecrets:
- name: custom-secret
key: custom-secret.yaml
data: >
secret dataDistribution
distribution:
# Add custom secrets - secret per file
customSecrets:
- name: custom-secret
key: custom-secret.yaml
data: >
secret dataTo use a custom secret, define a custom volume.
The following example defines a custom volume in Artifactory.
Artifactory
artifactory:
## Add custom volumes
customVolumes: |
- name: custom-secret
secret:
secretName: custom-secretTo use a volume, define a volume mount as part of a custom init or sidecar container.
The following example defines a volume mount in an Artifactory sidecar container.
Artifactory
artifactory:
customSidecarContainers:
- name: side-car-container
volumeMounts:
- name: custom-secret
mountPath: /opt/custom-secret.yaml
subPath: custom-secret.yaml
readOnly: trueTo run the sidecar as a custom user, set the following in the container template.
# Example of running container as root (id 0)
securityContext:
runAsUser: 0
fsGroup: 0Updated 24 days ago