Comment 2 for bug 2012516

John Chittum (jchittum) wrote :

What exactly does `--secrets` do? In our case, we need an SSH key for the user within the build, so that a `pip install ${TOOL} @ ${PRIVATE_LAUNCHPAD_GIT_REPO}` succeeds.

Credential binding in a gist could be a volume mount or file push that has a FROM and TO setup, so that credentials are placed in the "correct" places as required for a run. For Launchpad, that'd mean having

* a service available to safely store the credentials
* the ability to specify those credentials
* ability to pull those credentials at run time
* mounting / pushing of those credentials into the container, into the proper location

Locally, depending on how this is run (I think it's lxc, right?), doing a bind-mount could be a simple solution, but for something like SSH keys, there'll need to be some user and permission changes likely.
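
The FROM/TO placement and the permission changes raised in the comment above, as an added example that is not part of the original comment and is not Launchpad or lpci code. The function names, paths and the `builder` user are hypothetical; the modes reflect the fact that the OpenSSH client refuses a private key file that group or others can access.

```shell
# Added example: hypothetical helpers, not part of lpci or Launchpad.
# bind_credential FROM TO [OWNER]
# Places the credential at TO without it ever being group/world readable.
bind_credential() {
    from=$1; to=$2; owner=${3:-}
    [ -f "$from" ] || { echo "missing credential: $from" >&2; return 1; }
    dir=$(dirname -- "$to")
    (
        umask 077                       # new dirs 0700, new files 0600
        mkdir -p -- "$dir" || exit 1
        # mktemp creates the file 0600; writing there and renaming means
        # TO never exists with wider permissions, even if it existed before.
        tmp=$(mktemp "$dir/.cred.XXXXXX") || exit 1
        if cat -- "$from" > "$tmp" && mv -f -- "$tmp" "$to"; then
            exit 0
        fi
        rm -f -- "$tmp"
        exit 1
    ) || return 1
    chmod 600 -- "$to" || return 1
    # Changing ownership needs root, which is assumed for the setup step
    # that runs before the build drops to the unprivileged user.
    if [ -n "$owner" ]; then
        chown -- "$owner" "$dir" "$to" || return 1
    fi
}

# cred_mode PATH: print the octal permission bits (GNU/BusyBox stat).
cred_mode() { stat -c '%a' -- "$1"; }

# Demo in a scratch directory with a constructed placeholder, not a real key.
demo=$(mktemp -d)
printf 'constructed placeholder, not a real key\n' > "$demo/from_store"
chmod 644 "$demo/from_store"            # source deliberately too open
bind_credential "$demo/from_store" "$demo/home/builder/.ssh/id_ed25519"
echo "key mode: $(cred_mode "$demo/home/builder/.ssh/id_ed25519")"
echo "dir mode: $(cred_mode "$demo/home/builder/.ssh")"
rm -rf -- "$demo"
```

With a plain bind-mount the file keeps the host's owner and mode, so the same two checks (mode and owner as seen from inside the container) are what to verify there.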