Set STRONGBOX_HOME and gitconfig before running apply command #278
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Problem:
Repository clone happens using a global gitconfig for the current user (root)
that is already configured for strongbox in the Dockrfike we use to build
images.
kustomize
runs as part of Apply function when the controller hascreated a temporary home dir to use in order to set ssh configs. If the
kustomize remote base contains strongbox encrypted files, then the temporary
home gitconfig is not configured to cover us so that we can decrypt successfully
on pull and remote base encrypted files remain encrypted.
This is trying to address the above by creating a temporary gitconfig under the
temp home per apply and sets STRONGBOX_HOME environment variable to point to
the temp home as well. More in particular:
testing.