< img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=3131724&fmt=gif" />
🚀 KubeSphere v4.1.2 with Enhancements and Bug Fixes is available now. Read the release notes for v4.1.2 → close
  • English
    • English
    • 简体中文
    1. 1.Create a KubeSphere Cloud account and log in to the platform.
    2. 2.In the upper-right corner, click Console, and then click Lite Cluster on the left.
    3. 3.Create a K8s cluster with KubeSphere installed.
    4. 4.Access KubeSphere with the default account and password (admin/P@88w0rd).
  •  Star
  1. Docs / 
  2. Documentation / 
  3. Extension User Guide / 
  4. DevOps / 
  5. How to Use DevOps / 
  6. DevOps Project Settings / 
  7. Credential Management

Documentation

Last updated:
    Edit

    Credential Management

    Credentials are objects that contain sensitive information, such as usernames and passwords, SSH keys, and tokens. When the DevOps pipeline runs, it interacts with objects in the external environment to perform a series of tasks, including pulling code, pushing and pulling images, and running scripts. During this process, corresponding credentials are required, and these credentials will not appear in plain text in the pipeline.

    DevOps project users with the necessary permissions can configure credentials for Jenkins pipelines. After users add or configure these credentials in the DevOps project, they can use these credentials in the DevOps project to interact with third-party applications.

    Currently, you can create the following types of credentials in a DevOps project:

    • Username and password: A username and password, which can be handled as separate components or as a colon-separated string (in the format username:password), such as GitHub and GitLab accounts.

    • SSH key: A username with a private key, an SSH public/private key pair.

    • Access token: A token with access permissions.

    • kubeconfig: Used to configure cross-cluster authentication.

    This document demonstrates how to create and manage credentials in a DevOps project. For more information on how to use credentials, see Create a Pipeline Using a Jenkinsfile and Create a Pipeline Using Graphical Editing Panels.

    Prerequisites

    • DevOps must have been installed and enabled.

    • A workspace, a DevOps project, and a user (e.g. project-regular) have been created, and the user has been invited to the DevOps project with the operator role. See Role and Member Management.

    Create Credentials

    1. Log in to the KubeSphere web console as the project-regular user.

    2. Click Workspace Management and enter your DevOps project.

    3. In the left navigation pane, select DevOps Project Settings > Credentials.

    4. On the Credentials page, click Create.

    5. In the Create Credential dialog that appears, enter a credential name and select a credential type. Different credential types require different parameters to be set. Please refer to the following content for details.

      • Create a username and password credential

        Taking creating a GitHub user credential as an example, you need to set the following parameters:

        Parameter Description

        Name

        Set the credential name, such as github-id.

        Type

        Select Username and password.

        Username

        Enter your GitHub username.

        Password/Token

        Enter your GitHub token.

        Description

        An introduction to the credential.
        Note

        • Since August 2021, GitHub requires token-based authentication. Here you need to enter the token instead of the GitHub password. For information on how to generate a token, see Create a Personal Access Token.

        • If your account or password contains special characters such as @ and $, errors may occur during pipeline runs due to unrecognized characters. In such cases, encode your account or password on a third-party website (e.g., urlencoder) and then copy and paste the encoded result as your credential information.

      • Create an SSH key credential

        Parameter Description

        Name

        Set the credential name.

        Type

        Select SSH key.

        Username

        Enter your username.

        Private Key

        Enter your SSH key.

        Passphrase

        Enter the passphrase. It is recommended to set this parameter for better account security.

        Description

        An introduction to the credential.

      • Create an access token credential

        Parameter Description

        Name

        Set the credential name.

        Type

        Select Access token.

        Token

        Enter your token.

        Description

        An introduction to the credential.

      • Create a kubeconfig credential

        Parameter Description

        Name

        Set the credential name, such as demo-kubeconfig.

        Type

        Select kubeconfig.

        Content

        The system automatically obtains the kubeconfig file content of the current Kubernetes cluster and automatically fills in this field. You do not need to make any changes. However, when accessing other clusters, you may need to change the kubeconfig.

        Description

        An introduction to the credential.
        Note

        The file used to configure cluster access is called a kubeconfig file. This is a generic way to reference the configuration file. For more information, see Kubernetes Documentation.

    View and Manage Credentials

    1. Click the created credential to enter its detail page and view the credential details and all events related to this credential.

    2. Click Edit to modify the credential information, and click Delete to delete the credential.

      Note

      When editing credentials, KubeSphere does not display the existing username or password information. If you enter a new username and password, the previous one will be overwritten.

    Receive the latest news, articles and updates from KubeSphere


    Thanks for the feedback. If you have a specific question about how to use KubeSphere, ask it on Slack. Open an issue in the GitHub repo if you want to report a problem or suggest an improvement.

    Previous : Import Code Repositories
    What’s on this Page