Tommy McNeely

When you have a `ChoiceParameterDefinition` you can specify *any* string to it, but there does not appear to be a way to get the list of valid choices, perhaps to...

We are actually migrating away from Jenkins towards gitlab-ci, so its probably a moot issue for us at this point. This is just to support a few legacy projects.

For what its worth, here is my initial attempt (not ready for production use, obviously): https://github.com/TJM/gin-gonic-oidcauth My questions above might make more sense with that context? ~tommy

I second this... We have "air-gapped" environments, where we cannot reach "docker" proper, if we could just set something like global.registry to `internal-mirror.domain.com`, and not mess with the image name...

Without breaking backwards compatibility... If the parameter to set the "full image name" (global.imageK8S) is set, use it, otherwise construct an image name using the component parts. Just don't use...

I was thinking consul-esm would be its own helm chart, rather than be baked into this one, but I could go either way. I will vote for this one too....

So far, I am running vault agent, and dumping the gitlab-runner-sa.json (key.json) file out... then use the following command to "create" the secret... the .dockerconfigjson is a PITA ... embedding...

That PR looks like an authentication mechanism, rather than a secrets engine. The GCP Secrets Engine would replace KV or KVV2, which hold manual/static secrets, with dynamic secrets (like AWS...

Yes, sir! This sounds right. To make things a little more complicated, we would have to do some trickery with the data returned because of the way that kubernetes formats...

@ricoberger The output is pretty boring... I can tell you that the part that we care about is base64 encoded in the json key `private_key_data`. We use the vault template:...