Title here
Summary here
get credentials
Usage
ocm get credentials {<consumer property>=<value>}Options
-h, --help help for credentials
-m, --matcher string matcher type override
-s, --sloppy sloppy matching of consumer typeDescription
Try to resolve a given consumer specification against the configured credential settings and show the found credential attributes.
Matchers exist for the following usage contexts or consumer types:
Buildcredentials.ocm.software: Gardener config credential matcherIt matches the
Buildcredentials.ocm.softwareconsumer type and additionally acts like thehostpathtype.Credential consumers of the consumer type Buildcredentials.ocm.software evaluate the following credential properties:
key: secret key use to access the credential server
Git: Git credential matcherIt matches the
Gitconsumer type and additionally acts like thehostpathtype.Credential consumers of the consumer type Git evaluate the following credential properties:
username: the basic auth user namepassword: the basic auth passwordtoken: HTTP token authenticationprivateKey: Private Key authentication certificate
Github: GitHub credential matcherThis matcher is a hostpath matcher.
Credential consumers of the consumer type Github evaluate the following credential properties:
token: GitHub personal access token
HashiCorpVault: HashiCorp Vault credential matcherThis matcher matches credentials for a HashiCorp vault instance. It uses the following identity attributes:
hostname: vault server hostscheme: (optional) URL schemeport: (optional) server portnamespace: vault namespacemountPath: mount pathpathprefix: path prefix for secret
Credential consumers of the consumer type HashiCorpVault evaluate the following credential properties:
authmeth: auth methodtoken: vault tokenroleid: app-role role idsecretid: app-role secret id
The only supported auth methods, so far, are
tokenandapprole.HelmChartRepository: Helm chart repositoryIt matches the
HelmChartRepositoryconsumer type and additionally acts like thehostpathtype.Credential consumers of the consumer type HelmChartRepository evaluate the following credential properties:
username: the basic auth user namepassword: the basic auth passwordcertificate: TLS client certificateprivateKey: TLS private keycertificateAuthority: TLS certificate authority
MavenRepository: MVN repositoryIt matches the
MavenRepositoryconsumer type and additionally acts like thehostpathtype.Credential consumers of the consumer type MavenRepository evaluate the following credential properties:
username: the basic auth user namepassword: the basic auth password
NpmRegistry: NPM registryIt matches the
NpmRegistryconsumer type and additionally acts like thehostpathtype.Credential consumers of the consumer type NpmRegistry evaluate the following credential properties:
username: the basic auth user namepassword: the basic auth passwordemail: NPM registry, require an email addresstoken: the token attribute. May exist after login at any npm registry. Check your .npmrc file!
OCIRegistry: OCI registry credential matcherIt matches the
OCIRegistryconsumer type and additionally acts like thehostpathtype.Credential consumers of the consumer type OCIRegistry evaluate the following credential properties:
username: the basic auth usernamepassword: the basic auth passwordidentityToken: the bearer token used for non-basic auth authorizationcertificateAuthority: the certificate authority certificate used to verify certificates
S3: S3 credential matcherThis matcher is a hostpath matcher.
Credential consumers of the consumer type S3 evaluate the following credential properties:
awsAccessKeyID: AWS access key idawsSecretAccessKey: AWS secret for access key idtoken: AWS access token (alternatively)
Signingserver.gardener.cloud: signing service credential matcherThis matcher matches credentials for a Signing Service instance. It uses the following identity attributes:
hostname: signing server hostscheme: (optional) URL schemeport: (optional) server portpathprefix: path prefix for the server URL
Credential consumers of the consumer type Signingserver.gardener.cloud evaluate the following credential properties:
clientCert: client certificate for authenticationprivateKey: private key for client certificatecaCerts: root certificate for signing server
wget: wget credential matcherIt matches the
wgetconsumer type and additionally acts like thehostpathtype.Credential consumers of the consumer type wget evaluate the following credential properties:
username: the basic auth user namepassword: the basic auth passwordidentityToken: the bearer token used for non-basic auth authorizationcertificateAuthority: the certificate authority certificate used to verify certificates presented by the servercertificate: the certificate used to present to the serverprivateKey: the private key corresponding to the certificate
The following standard identity matchers are supported:
exact: exact match of given pattern sethostpath: Host and path based credential matcherThis matcher works on the following properties:
type(required if set in pattern): the identity typehostname(required if set in pattern): the hostname of a serverscheme(optional): the URL scheme of a serverport(optional): the port of a serverpathprefix(optional): a path prefix to match. The element with the most matching path components is selected (separator is/).
partial(default): complete match of given pattern ignoring additional attributes
The used matcher is derived from the consumer attribute type.
For all other consumer types a matcher matching all attributes will be used.
The usage of a dedicated matcher can be enforced by the option –matcher.
See Also
- ocm get — Get information about artifacts and components
Prev
get configNext
get plugins