Newer
Older
> Component to set the credentials for external hosts
```yaml
include:
- component: "gitlab.arm.com/ci/component/credentials@<version>"
inputs:
stage: build
Some projects need to have an access to external repositories which needs specific credentials to read data.
.credentials allows to set those up through CI/CD variables with no need to hardcode or injecting secure data into the
project repository.
`.credentials` allows to set those up through CI/CD variables with no need to hardcode or injecting secure data into the
project repository.
## Usage
```yaml
include:
- component: "gitlab.arm.com/ci/component/credentials@<version>"
# Checkout external repository
checkout:
extends: .credentials
image: debian:bookworm
variables:
TEST_SERVER_USERNAME: $TEST_SERVER_USERNAME
TEST_SERVER_HOSTNAME: $TEST_SERVER_HOSTNAME
script:
- echo "Completed credentials setup"
- echo "Testing SSH connection"
- ssh $TEST_SERVER_USERNAME@$TEST_SERVER_HOSTNAME 'ls'
```
Configuration is done with CI/CD variables of `file` type.
The file containing private keys to be injected to `ssh-agent` in a format:
> **Note:** A trailing newline is required at the end of the variable.
```
-----BEGIN OPENSSH PRIVATE KEY-----
<KEY 1 DATA>
-----END OPENSSH PRIVATE KEY-----
-----BEGIN OPENSSH PRIVATE KEY-----
<KEY 2 DATA>
-----END OPENSSH PRIVATE KEY-----
-----BEGIN OPENSSH PRIVATE KEY-----
<KEY n DATA>
-----END OPENSSH PRIVATE KEY-----
```
The SSH config file containing profiles for different host configurations to be set in `~/.ssh/config` file.
```
Host gerrit.secret.project.com
User username
```
The file containing the public keys of the accessed hosts to be set in `~/.ssh/known_hosts` file.
To generate a file for the hosts that the CI will connect to:
```sh
ssh-keyscan -p 22 gerrit.secret.project.com > /tmp/known_hosts
```
Add the contents of `/tmp/known_hosts` to the `SSH_KEYSCAN` variable in the GitLab CI/CD settings.
The file with login and initialization information to be set in `~/.netrc` file.
```
machine $ARTIFACTORY_HOST
login $ARTIFACTORY_USERNAME
password $ARTIFACTORY_PASSWORD
```
Where `ARTIFACTORY_*` variables are normal CI/CD variables in the GitLab CI/CD settings.