Skip to content

ci: Test external secrets stored in GSM

Rémy Coutablerequested to merge
3630-use-external-secrets into master

What does this MR do and why?

This worked well:

$ echo $TEST_SECRET
/builds/gitlab-org/gitlab.tmp/TEST_SECRET
$ cat $TEST_SECRET
[MASKED]

Notes

  • The documentation should mention the mandatory google.subject -> assertion.sub mapping, see

Screenshot_2024-01-30_at_10.51.01

  • The branch name shouldn't be longer than 76 characters, in order for the sub identifier (i.e. project_path:gitlab-org/gitlab:ref_type:branch:ref:<branch name>) to not be longer than 127 characters.

Related to gitlab-org/quality/engineering-productivity/team#363.

Edited by Rémy Coutable

Merge request reports