diff --git a/cli_reference/cli_by_example_content.adoc b/cli_reference/cli_by_example_content.adoc index 209859df02bc..f12c36b1d330 100644 --- a/cli_reference/cli_by_example_content.adoc +++ b/cli_reference/cli_by_example_content.adoc @@ -727,13 +727,13 @@ endif::[] [options="nowrap"] ---- // Create a new secret named my-secret with a key named ssh-privatekey - $ oc secrets new my-secret ~/.ssh/ssh-privatekey + $ oc create secret generic my-secret --from-file=ssh-privatekey= // Create a new secret named my-secret with keys named ssh-privatekey and ssh-publickey instead of the names of the keys on disk - $ oc secrets new my-secret ssh-privatekey=~/.ssh/id_rsa ssh-publickey=~/.ssh/id_rsa.pub + $ oc create secret generic my-secret --from-file=ssh-privatekey= --from-file=ssh-publickey= // Create a new secret named my-secret with keys for each file in the folder "bar" - $ oc secrets new my-secret path/to/bar + $ oc create secret generic my-secret --from-file= ---- ==== diff --git a/day_two_guide/topics/managing_docker_registries.adoc b/day_two_guide/topics/managing_docker_registries.adoc index 4b775957aeb6..b48b63918eb6 100644 --- a/day_two_guide/topics/managing_docker_registries.adoc +++ b/day_two_guide/topics/managing_docker_registries.adoc @@ -299,19 +299,19 @@ to the `docker` registry: + ---- $ oc project -$ oc secrets new-dockercfg --docker-server= --docker-username= --docker-password= --docker-email= +$ oc create secret docker-registry --docker-server= --docker-username= --docker-password= --docker-email= ---- . If a `.dockercfg` file exists, create the secret using the `oc` command: + ---- -$ oc secrets new .dockercfg=<.dockercfg> +$ oc create secret generic --from-file=.dockercfg= --type=kubernetes.io/dockercfg ---- . Populate the `$HOME/.docker/config.json` file: + ---- -$ oc secrets new .dockerconfigjson=<.docker/config.json> +$ oc create secret generic --from-file=.dockerconfigjson= --type=kubernetes.io/dockerconfigjson ---- . Use the `dockercfg` secret to pull images from the authenticated registry by @@ -363,8 +363,8 @@ to the service accounts. + ---- $ oc project -$ oc secrets new-dockercfg --docker-server=* --docker-username= --docker-password= --docker-email= -$ oc secrets new-dockercfg --docker-server= --docker-username= --docker-password= --docker-email= +$ oc create secret docker-registry --docker-server=* --docker-username= --docker-password= --docker-email= +$ oc create secret docker-registry --docker-server= --docker-username= --docker-password= --docker-email= $ oc secrets link default --for=pull $ oc secrets link default --for=pull $ oc secrets link builder @@ -438,7 +438,7 @@ openshift_master_admission_plugin_config={"openshift.io/ImagePolicy":{"configura There is a current issue to be fixed in {product-title} 3.6.1 where `ImagePolicy` pods can not be deployed using default templates, and give the following error message `Failed create | Error creating: Pod "" is invalid: -spec.containers[0].\image: Forbidden: this image is prohibited by policy`. +spec.containers[0].\image: Forbidden: this image is prohibited by policy`. See the https://access.redhat.com/solutions/3165041[Image Policy is not working as @@ -629,7 +629,7 @@ $ TOKEN=$(oc sa get-token -n ) . Use the token as the password to create a `dockercfg` secret: + ---- -$ oc secrets new-dockercfg +$ oc create secret docker-registry \ --docker-server= --docker-username= --docker-password=${TOKEN} --docker-email= ---- diff --git a/install_config/registry/deploy_registry_existing_clusters.adoc b/install_config/registry/deploy_registry_existing_clusters.adoc index 77cf71a460d2..0d3ae7707d81 100644 --- a/install_config/registry/deploy_registry_existing_clusters.adoc +++ b/install_config/registry/deploy_registry_existing_clusters.adoc @@ -441,7 +441,7 @@ If no certificate is found, a self-signed certificate is created using the . Create the secret: + ---- -$ oc secrets new console-secret \ +$ oc create secret generic console-secret \ /path/to/console.cert ---- + diff --git a/install_config/registry/securing_and_exposing_registry.adoc b/install_config/registry/securing_and_exposing_registry.adoc index 27d446b5534f..2b393a4996ca 100644 --- a/install_config/registry/securing_and_exposing_registry.adoc +++ b/install_config/registry/securing_and_exposing_registry.adoc @@ -86,7 +86,7 @@ security reasons, it is recommended to not make it greater than this value. . Create the secret for the registry certificates: + ---- -$ oc secrets new registry-certificates \ +$ oc create secret generic registry-certificates \ /etc/secrets/registry.crt \ /etc/secrets/registry.key ---- diff --git a/install_config/router/default_haproxy_router.adoc b/install_config/router/default_haproxy_router.adoc index 75c4c4e567ad..8151a10b8daa 100644 --- a/install_config/router/default_haproxy_router.adoc +++ b/install_config/router/default_haproxy_router.adoc @@ -306,7 +306,7 @@ the new value. If `ROUTER_MAX_CONNECTIONS` is not present, the default value of ==== A connection includes the frontend and internal backend. This counts as two connections. Be sure to set `ROUTER_MAX_CONNECTIONS` to double than the number -of connections you intend to create. +of connections you intend to create. ==== [[bind-strict-sni]] @@ -1038,13 +1038,13 @@ If the certificate secret was added to the router, overwrite the secret. If not, To overwrite the secret, run the following command: + ---- -$ oc secrets new router-certs tls.crt=custom-router.crt tls.key=custom-router.key -o json --type='kubernetes.io/tls' --confirm | oc replace -f - +$ oc create secret generic router-certs --from-file=tls.crt=custom-router.crt --from-file=tls.key=custom-router.key --type=kubernetes.io/tls -o json | oc replace -f - ---- + To create a new secret, run the following commands: + ---- -$ oc secrets new router-certs tls.crt=custom-router.crt tls.key=custom-router.key --type='kubernetes.io/tls' --confirm +$ oc create secret generic router-certs --from-file=tls.crt=custom-router.crt --from-file=tls.key=custom-router.key --type=kubernetes.io/tls $ oc volume dc/router --add --mount-path=/etc/pki/tls/private --secret-name='router-certs' --name router-certs ---- diff --git a/install_config/storage_examples/azure_blob_docker_registry_example.adoc b/install_config/storage_examples/azure_blob_docker_registry_example.adoc index e5ed06c3db48..e9b91ec0a8b7 100644 --- a/install_config/storage_examples/azure_blob_docker_registry_example.adoc +++ b/install_config/storage_examples/azure_blob_docker_registry_example.adoc @@ -69,7 +69,7 @@ middleware: + [source,bash] ---- -$ oc secrets new registry-config config.yaml=registryconfig.yaml +$ oc create secret generic registry-config --from-file=config.yaml=registryconfig.yaml ---- . Add the secret: @@ -100,7 +100,7 @@ $ oc delete secret registry-config + [source,bash] ---- -$ oc secrets new registry-config config.yaml=registryconfig.yaml +$ oc create secret generic registry-config --from-file=config.yaml=registryconfig.yaml ---- .. Update the configuration by starting a new rollout: diff --git a/security/build_process.adoc b/security/build_process.adoc index 412c5fda7b8f..bc6225792f2a 100644 --- a/security/build_process.adoc +++ b/security/build_process.adoc @@ -82,7 +82,7 @@ Using this example scenario, you can add an input secret to a new `BuildConfig`: . Create the secret, if it does not exist: + ---- -$ oc secrets new secret-npmrc .npmrc=~/.npmrc +$ oc create secret generic secret-npmrc --from-file=.npmrc=~/.npmrc ---- + This creates a new secret named *_secret-npmrc_*, which contains the base64