Configure SSH private key from kubernetes secret in JCASC plugin?

Using Jenkins
1

Is it possible to specify a kubernetes secret as the source for the private SSH key in JCASC plugin?

I have this:


      JCasC:
        defaultConfig: true      
        configScripts:
          use-script-security: |
            security:
              globalJobDslSecurityConfiguration:
                useScriptSecurity: false
          welcome-message: |
            jenkins:
              systemMessage: Welcome to our CI\CD server.  This Jenkins is configured and managed 'as code'.
          setup-ssh-keys: |
            credentials:
              system:
                domainCredentials:
                  - credentials:
                      - basicSSHUserPrivateKey:
                          scope: GLOBAL
                          id: sample-ssh-key
                          username: git
                          description: "SSH key for remote git"
                          privateKeySource:
                            directEntry:                          
                              privateKey: "ssh-private-key"

Where ssh-private-key is:

$ kubectl -n jenkins get secret ssh-private-key  -oyaml
apiVersion: v1
data:
  filename: LS0tL..Qo=
kind: Secret
metadata:
  name: ssh-private-key
  namespace: jenkins
type: Opaque

But nothing is created in the jenkins master credentials section.

Also looked at:

but that does not have an example of using a k8s secret.

Any suggestions?

2

if you use the kubernetes secret provider - https://plugins.jenkins.io/kubernetes-credentials-provider/ then you don’t need to define said secrets again in jcasc.

3

Works like a charm, thanks!