env_vars.sh
GitLab credentials
Quay.io credentials
or JFrog Artifactory credentials
or Sonatype Nexus credentials
ROX variables
Cosign secrets
Trustification credentials
Rekor and TUF routes
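# env_vars.sh
#
# Exports the credentials and endpoints that the glab-set-vars script reads
# from the environment. Replace every placeholder, then source this file in
# the shell that runs the script.
#
# Once filled in, this file holds live secrets (API tokens, registry
# passwords, the Cosign secret key and its password, an OIDC client secret).
# Keep it out of version control, make it readable only by your own user, and
# rotate any value that ends up in a commit, a log or a shared terminal.

# GitLab credentials
export MY_GITLAB_TOKEN="your_gitlab_token_here"
export MY_GITLAB_USER="your_gitlab_username_here"

# Add credentials for an image repository that you use

# Quay.io credentials
export QUAY_IO_CREDS_USR="your_quay_username_here"
export QUAY_IO_CREDS_PSW="your_quay_password_here"
# or JFrog Artifactory credentials
export ARTIFACTORY_IO_CREDS_USR="your_artifactory_username_here"
export ARTIFACTORY_IO_CREDS_PSW="your_artifactory_password_here"
# or Sonatype Nexus credentials
export NEXUS_IO_CREDS_USR="your_nexus_username_here"
export NEXUS_IO_CREDS_PSW="your_nexus_password_here"

# Variables required for ACS tasks

# ROX variables
export ROX_CENTRAL_ENDPOINT="your_rox_central_endpoint_here"
export ROX_API_TOKEN="your_rox_api_token_here"

# Variables required for SBOM tasks.

# Cosign secrets
export COSIGN_SECRET_PASSWORD="your_cosign_secret_password_here"
export COSIGN_SECRET_KEY="your_cosign_secret_key_here"
export COSIGN_PUBLIC_KEY="your_cosign_public_key_here"
# Trustification credentials
export TRUSTIFICATION_BOMBASTIC_API_URL="your__BOMBASTIC_API_URL_here"
export TRUSTIFICATION_OIDC_ISSUER_URL="your_OIDC_ISSUER_URL_here"
export TRUSTIFICATION_OIDC_CLIENT_ID="your_OIDC_CLIENT_ID_here"
export TRUSTIFICATION_OIDC_CLIENT_SECRET="your_OIDC_CLIENT_SECRET_here"
export TRUSTIFICATION_SUPPORTED_CYCLONEDX_VERSION="your_SUPPORTED_CYCLONEDX_VERSION_here"

# Set these variables if your CI provider runners do not run
# on the same cluster as the {ProductShortName} instance.

# Rekor and TUF routes
export REKOR_HOST="your rekor server url here"
export TUF_MIRROR="your tuf service url here"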
使用以下信息更新 glab-set-vars 文件:
Lookup the project id so we can use it below
Depending on which image repository you use, set:
or
or
If you need to use the Rekor and TUF variables and you've added them
to env_vars.sh, set them here too:
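#!/bin/bash
#
# Usage: glab-set-vars <gitlab repo name>
#
# Reads MY_GITLAB_TOKEN and MY_GITLAB_USER from the environment and prepares
# the request header and API base URL used by the rest of the script.

if [ "$#" -ne 1 ]; then
  # Usage errors go to stderr and end with a non-zero status so a calling
  # script or CI job does not treat a skipped run as success.
  echo "Missing param, provide gitlab repo name" >&2
  echo "Note: This script uses MY_GITLAB_TOKEN and MY_GITLAB_USER env vars" >&2
  exit 1
fi

# Stop early when the credentials are missing; without them every request
# below would be sent with an empty token or against the wrong namespace.
: "${MY_GITLAB_TOKEN:?MY_GITLAB_TOKEN is not set}"
: "${MY_GITLAB_USER:?MY_GITLAB_USER is not set}"

REPO=$1
# NOTE: this header is later passed to curl on its command line, so the token
# is visible in the process list while curl runs. Run the script only on a
# host where other users cannot inspect your processes.
HEADER="PRIVATE-TOKEN: $MY_GITLAB_TOKEN"
URL=https://gitlab.com/api/v4/projects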
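# Look up the project id so we can use it below.
# ${REPO%.git} strips only a trailing ".git"; a global replace would also
# rewrite a repository name that merely contains ".git" somewhere inside it.
PID=$(curl -s -L --header "$HEADER" "$URL/$MY_GITLAB_USER%2F${REPO%.git}" | jq ".id")

# jq prints "null" (or nothing) when the lookup fails, for example on a bad
# token or an unknown repository. Stop here instead of sending secrets to a
# request path built from an invalid project id.
case "$PID" in
  '' | *[!0-9]*)
    echo "Could not resolve a project id for $MY_GITLAB_USER/$REPO" >&2
    exit 1
    ;;
esac

#######################################
# Create (or replace) one CI/CD variable on the GitLab project.
# Globals:   HEADER, URL, PID, MY_GITLAB_USER, REPO (read)
# Arguments: $1 - variable name
#            $2 - variable value
#            $3 - "true" or "false" for the masked flag; defaults to true
# Outputs:   progress line and the API response (value removed) on stdout
#######################################
function setVars() {
  local NAME=$1
  local VALUE=$2
  local MASKED=${3:-true}

  echo "setting $NAME in https://gitlab.com/$MY_GITLAB_USER/$REPO"

  # Delete first because if the secret already exists then its value
  # won't be changed by the POST below
  curl -s --request DELETE --header "$HEADER" "$URL/$PID/variables/$NAME"

  # Set the new key/value.
  # --form-string sends each field literally. With plain --form, curl treats
  # a value that starts with "@" or "<" as a file to read and parses a
  # ";type=" suffix, which would corrupt such a secret or upload a local file.
  # The API response repeats the stored value, so it is dropped before
  # printing to keep secrets out of the terminal and any captured logs.
  curl -s --request POST --header "$HEADER" "$URL/$PID/variables" \
    --form-string "key=$NAME" \
    --form-string "value=$VALUE" \
    --form-string "masked=$MASKED" |
    jq 'del(.value)'
}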
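# Push each value from the environment to the GitLab project.
#
# Every value is double-quoted: unquoted, an empty value would shift "false"
# into the value position, and a value containing whitespace would be split
# so that part of a secret lands in the masked argument.
# A trailing "false" stores the variable unmasked; leave it off for secrets
# so that setVars applies its default of masked=true.

setVars ROX_CENTRAL_ENDPOINT "$ROX_CENTRAL_ENDPOINT" false
setVars ROX_API_TOKEN "$ROX_API_TOKEN"

setVars GITOPS_AUTH_PASSWORD "$MY_GITLAB_TOKEN"
setVars GITOPS_AUTH_USERNAME "$MY_GITLAB_USER" false

# Depending on which image repository you use, set:
setVars QUAY_IO_CREDS_USR "$QUAY_IO_CREDS_USR" false
setVars QUAY_IO_CREDS_PSW "$QUAY_IO_CREDS_PSW"
# or
setVars ARTIFACTORY_IO_CREDS_USR "$ARTIFACTORY_IO_CREDS_USR" false
setVars ARTIFACTORY_IO_CREDS_PSW "$ARTIFACTORY_IO_CREDS_PSW"
# or
setVars NEXUS_IO_CREDS_USR "$NEXUS_IO_CREDS_USR" false
setVars NEXUS_IO_CREDS_PSW "$NEXUS_IO_CREDS_PSW"

setVars COSIGN_SECRET_PASSWORD "$COSIGN_SECRET_PASSWORD"
setVars COSIGN_SECRET_KEY "$COSIGN_SECRET_KEY"
setVars COSIGN_PUBLIC_KEY "$COSIGN_PUBLIC_KEY" false

setVars TRUSTIFICATION_BOMBASTIC_API_URL "$TRUSTIFICATION_BOMBASTIC_API_URL" false
setVars TRUSTIFICATION_OIDC_ISSUER_URL "$TRUSTIFICATION_OIDC_ISSUER_URL" false
setVars TRUSTIFICATION_OIDC_CLIENT_ID "$TRUSTIFICATION_OIDC_CLIENT_ID" false
setVars TRUSTIFICATION_OIDC_CLIENT_SECRET "$TRUSTIFICATION_OIDC_CLIENT_SECRET"
setVars TRUSTIFICATION_SUPPORTED_CYCLONEDX_VERSION "$TRUSTIFICATION_SUPPORTED_CYCLONEDX_VERSION" false

# If you need to use the Rekor and TUF variables and you've added them
# to env_vars.sh, set them here too:
setVars REKOR_HOST "$REKOR_HOST" false
setVars TUF_MIRROR "$TUF_MIRROR" false

# SCRIPTDIR is not assigned anywhere in this listing. Use it when the caller
# provides it, otherwise fall back to the directory that holds this script,
# so the helper is never resolved as "/glab-get-vars".
# NOTE(review): assumes glab-get-vars sits next to this script; confirm.
bash "${SCRIPTDIR:-$(dirname -- "${BASH_SOURCE[0]}")}/glab-get-vars" "$1"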