Agent Service Credentials

For most service types, credentials can be provided. The types of credentials allowed depends on the service type, but generally several are available.

No authentication

Credential type "none" indicates that the service endpoint does not require any authentication.

HTTP Basic Authentication

A credential type of "basic" requires a username and a password to be provided in the configmap or in a Kubernetes secret. These are passed to the target via HTTP Basic authentication.

If secrets are provided in the configmap (not recommended) they must be base64 encoded.

Example (with literal contents, not recommended):

services:
      - name: dev jenkins
        type: jenkins
        enabled: true
        config:
          url: https://dev.jenkins.example.com:8080
          credentials:
            type: basic
            username: bm90LWEtZ29vZC11c2VybmFtZQ==
            password: YWxzby1ub3QtZ29vZC1wYXNzd29yZA==

Example (with Kubernetes secret of type 'kubernetes.io/basic-auth'):

services:
      - name: dev jenkins
        type: jenkins
        enabled: true
        config:
          url: https://dev.jenkins.example.com:8080
          credentials:
            type: basic
            secretName: dev-jenkins-secret

The secret must be created, and have keys for "username" and "password".

HTTP Bearer Authentication

A credential type of "bearer" requires a token to be provided in the configmap or in a Kubernetes secret. These are passed to the target via HTTP Bearer authentication.

If secrets are provided in the configmap (not recommended) they must be base64 encoded.

Example (with literal contents, not recommended):

services:
      - name: dev jenkins
        type: jenkins
        enabled: true
        config:
          url: https://dev.jenkins.example.com:8080
          credentials:
            type: bearer
            token: YWxzby1ub3QtZ29vZC1wYXNzd29yZA==

Example (with Kubernetes secret of type Opaque):

services:
      - name: dev jenkins
        type: jenkins
        enabled: true
        config:
          url: https://dev.jenkins.example.com:8080
          credentials:
            type: bearer
            secretName: dev-jenkins-secret

The secret must be created, and have a key for "token".

HTTP "Token" Authentication

While "bearer" should generally be used, some services require a small change, and require the authentication type to be called "token" in the HTTP headers sent to authenticate. Other than that change, "token" and "bearer" are identical in configuration methods.

PreviousAgent Service ConfigurationNextAgent Service Type

Last updated