Secrets Management

Overview

Application-related sensitive information can be managed and configured using Secrets. Currently two types of Secret are supported: Docker Registry Credential (user name and password, etc.) and TLS Certificate.
When deploying the application, you can select the docker registry credential you have created to pull the application image, and use the TLS certificate to configure HTTPS.

Create docker registry credential

Create

  • Name: Only lowercase letters, numbers, and hyphen (-) are allowed. The name must begin with a lowercase letter and should be up to maximum length of 253 characters
  • Type: Select "Docker Registry Credential"
  • Data: Registry address, username, password, and Email (can be empty)

TLS Certificate

Certificate and private key must be in PEM format and the system verifies whether the certificate and private key match or not

Create

  • Name: Only lowercase letters, numbers, and hyphen (-) are allowed. The name must begin with a lowercase letter and should be up to maximum length of 253 characters
  • Type: Select "TLS Certificate"

  • Certificate: The complete certificate chain in PEM format, for example

    -----BEGIN CERTIFICATE----- (your domain certificate) -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- (root certificate) -----END CERTIFICATE-----

  • Key: The private key in PEM format, for example

    -----BEGIN PRIVATE KEY----- (your private key) -----END PRIVATE KEY-----

Convert private key format

If the private key starts with BEGIN RSA PRIVATE KEY, you can use the following command to convert the private key to start with BEGIN PRIVATE KEY:

openssl pkey -in begin-rsa-private.key

Details

In addition to the content of the certificate and private key, the domain name and expires date of the certificate are also shown.

results matching ""

    No results matching ""