Credential Management

    A DevOps project user with necessary permissions can configure credentials for Jenkins pipelines. Once the user adds or configures these credentials in a DevOps project, they can be used in the DevOps project to interact with third-party applications.

    Currently, you can create the following 4 types of credentials in a DevOps project:

    • SSH key: Username with a private key, an SSH public/private key pair.
    • Access token: a token with certain access.
    • kubeconfig: It is used to configure cross-cluster authentication. If you select this type, the dialog will auto-populate the field with the kubeconfig file of the current Kubernetes cluster.

    This tutorial demonstrates how to create and manage credentials in a DevOps project. For more information about how credentials are used, see Create a Pipeline Using a Jenkinsfile and .

    • You have enabled KubeSphere DevOps System.
    • You have a workspace, a DevOps project and a user (project-regular) invited to the DevOps project with the operator role. If they are not ready yet, see .

    Log in to the console of KubeSphere as . Navigate to your DevOps project, select Credentials and click Create.

      • Name: Set a name, such as dockerhub-id, which can be used in pipelines.
      • Username: Your Docker Hub account (for example, Docker ID).
      • Password/Token: Your Docker Hub password.
      • Description: A brief introduction to the credentials.
    1. Click OK when you finish.

    Similarly, follow the same steps above to create GitHub credentials. Set a different credential name (for example, github-id) and also select Username and password for Type. Enter your GitHub username and password for Username and Password/Token respectively.

    Note

    If there are any special characters such as and $ in your account or password, they can cause errors as a pipeline runs because they may not be recognized. In this case, you need to encode your account or password on some third-party websites first, such as urlencoder. After that, copy and paste the output for your credential information.

    Similarly, follow the same steps above to create kubeconfig credentials. Set a different credential name (for example, demo-kubeconfig) and select kubeconfig.

    A file that is used to configure access to clusters is called a kubeconfig file. This is a generic way of referring to configuration files. For more information, see . You create kubeconfig credentials for the access to the current Kubernetes cluster, which will be used in pipelines. You don’t need to change the file since KubeSphere automatically populates the field with the kubeconfig of the current Kubernetes cluster. You may need to change kubeconfig when accessing other clusters.

    1. Credentials created are displayed in the list.

    2. Click any of them to go to its details page, where you can see account details and all the events related to the credentials.

    3. You can also edit or delete credentials on this page. Note that when you edit credentials, KubeSphere does not display the existing username or password information. The previous one will be overwritten if you enter a new username and password.

    Create a Pipeline Using Graphical Editing Panels