jenkins: Add Generic Webhook trigger token secret

To restrict access to the Generic Webhook trigger operation, we can use a pre-shared secret token, which must be included in requests.
2025-11-22 10:09:17 -06:00
parent 74cc3c690e
commit a544860a62
1 changed files with 18 additions and 0 deletions
--- a/jenkins/secrets.yaml
+++ b/jenkins/secrets.yaml
@@ -93,3 +93,21 @@ spec:
        jenkins.io/credentials-type: secretFile
    data:
      filename: signing_key.pem
+
+---
+apiVersion: bitnami.com/v1alpha1
+kind: SealedSecret
+metadata:
+  name: webhook-trigger
+  namespace: jenkins
+spec:
+  encryptedData:
+    text: AgA6vfZFOXBx/5bBP1K3GyOq3XQVIVMQ7j48jgJdwm5c4dEKl1HJgoNFiE2NWiX+ALx4ebmGj5FovCajkJ2YIzqNbI+wZeEoH1gIO0WmQcVlEg0zparSTkll/D+eguoPB6YtSr2T+g30FZFnzWQWMetxydWHX/pqx7e/6L3M+50IYfjQ8Vcx/QGe9KAiMHapEdxAEmoxdrrtsKlGo5Bh4JNoFWYf9ZcvTrYmrUtR+PYfZcxTulP0Cn6q3yNG4DC19WK0OXI1lmuZ36aUYJJrvu+rT+SB6JntMMmCLiBkcbhjxA2fTuNcYoAAXqwZjrFjXRBxuww75Wm/v+BqxGkkaJrZdhIv/maqZggLb1sHE9HyulSQ536R8f0FEt0FXX0hn1VuckWLZvDEOpcude8EEJ7DE+/Qya6fdx7ZLtKCefViTj/R8xDPoicbmgToJaZ1qnH3QFkzPXtHhzFFM4rks+i1Nz14A5kg2APiw1QQsOTp/wp2S2LXnU3gR/LQa1uEpM82KrKQfJ4TATp1oip2wemwm+burgv1DGoRBYNYM6huaS6g5u76/Vo0PTrQAEe8uIus9RnZhZ4Wp5NtLUlGM0B5oL2O4ySeBGjpM5w1UGswqjFBcP6MNQPuJEBsKhbqSUR/E1pgH9pm065XJo8SWpWqiYdNsY+s2fhb9SMiQxFStAF0Mm8lvN3hnXdfGjoyufJMcKtodLzC5sPwJHNJLkod2qIA+OY+c/gHplCPhcvPOg==
+  template:
+    metadata:
+      name: webhook-trigger
+      namespace: jenkins
+      annotations:
+        jenkins.io/credentials-description: Generic Webhook Trigger token
+      labels:
+        jenkins.io/credentials-type: secretText