Created
March 11, 2021 03:39
-
-
Save luckylittle/b4f1b494b32b32542495f9b73cb83f09 to your computer and use it in GitHub Desktop.
Access to OpenShift Image Registry via ServiceAccount token
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Confirm the service is up: | |
| oc get svc image-registry -n openshift-image-registry | |
| # Create a ServiceAccount: | |
| oc create sa pipeline | |
| # Add image-builder role to the ServiceAccount: | |
| oc adm policy add-role-to-user system:image-builder -z pipeline | |
| # Add privileged Security Context Constraint (SCC) so you can run container inside container: | |
| oc adm policy add-scc-to-user privileged -z pipeline | |
| # Set the ServiceAccount token: | |
| TOKEN=$(oc get secret $(oc get secret | grep pipeline-token | head -1 | awk '{print $1}') -o jsonpath="{.data.token}" | base64 -d) | |
| oc create secret generic pipeline-sa-token --from-literal='token'=$(echo ${TOKEN}) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment