You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently one can set and environment variable using secretKeyRef in a task. However this means that the secret must be present and have the specified keys. In some cases one might want to support optional features that require additional secrets. Currently, if a secret is optional in a task, the one have to write code to detect and extract the contents of the secret.
I want to write a "send mail" task, similar to the one in Tekton Hub https://hub.tekton.dev/tekton/task/sendmail
However I don't want to input the optional user and password for connecting to the smtp-server as parameters.
I still want user and password to be optional, but I want them to be stored in a secret, and also not fetched in some earlier task and passed around in the pipeline, since it will expose them more.
It seems that currently I have to add code into the script in the task to check the presense of the secret, check the presense of the keys, and then extract the values. It would be convenient (and less error prune) if the script only needed to check if the environment variables have been set or not.
The text was updated successfully, but these errors were encountered:
Feature request
Currently one can set and environment variable using secretKeyRef in a task. However this means that the secret must be present and have the specified keys. In some cases one might want to support optional features that require additional secrets. Currently, if a secret is optional in a task, the one have to write code to detect and extract the contents of the secret.
Kubernets seems to have similar support for optional secretKeyRef
https://github.com/kubernetes/kubernetes/blob/e9e190c57c61a88a2ba96c4b0688b8eb3a8945a8/pkg/apis/core/types.go#L1762
https://stackoverflow.com/questions/48208705/how-to-mark-secret-as-optional-in-kubernetes
This is how I envision how it should look like in a tekton task:
Use case
I want to write a "send mail" task, similar to the one in Tekton Hub https://hub.tekton.dev/tekton/task/sendmail
However I don't want to input the optional user and password for connecting to the smtp-server as parameters.
I still want user and password to be optional, but I want them to be stored in a secret, and also not fetched in some earlier task and passed around in the pipeline, since it will expose them more.
It seems that currently I have to add code into the script in the task to check the presense of the secret, check the presense of the keys, and then extract the values. It would be convenient (and less error prune) if the script only needed to check if the environment variables have been set or not.
The text was updated successfully, but these errors were encountered: