feat: add availableSecrets field to skaffold.yaml which is passed to gcb

pkg/skaffold/build/gcb/spec.go

@@ -55,6 +55,7 @@ func (b *Builder) buildSpec(ctx context.Context, artifact *latest.Artifact, tag
 	buildSpec.Options.LogStreamingOption = b.LogStreamingOption
 	buildSpec.Timeout = b.Timeout
 	buildSpec.ServiceAccount = b.ServiceAccount
+	buildSpec.AvailableSecrets = b.AvailableSecrets
 
 	return buildSpec, nil
 }

pkg/skaffold/inspect/buildEnv/add_cluster_test.go

@@ -130,7 +130,8 @@ kind: ""
 metadata:
   name: cfg2
 build:
-  googleCloudBuild: {}
+  googleCloudBuild:
+    availablesecrets: null
 profiles:
 - name: p1
   build:
@@ -196,7 +197,8 @@ kind: ""
 metadata:
   name: cfg2
 build:
-  googleCloudBuild: {}
+  googleCloudBuild:
+    availablesecrets: null
 profiles:
 - name: p1
   build:
@@ -258,7 +260,8 @@ kind: ""
 metadata:
   name: cfg2
 build:
-  googleCloudBuild: {}
+  googleCloudBuild:
+    availablesecrets: null
 profiles:
 - name: p1
   build:
@@ -285,7 +288,8 @@ kind: ""
 metadata:
   name: cfg2
 build:
-  googleCloudBuild: {}
+  googleCloudBuild:
+    availablesecrets: null
 profiles:
 - name: p1
   build:

pkg/skaffold/inspect/buildEnv/modify_gcb_test.go

@@ -55,11 +55,13 @@ requires:
 build:
   googleCloudBuild:
     projectId: project2
+    availablesecrets: null
 profiles:
 - name: p1
   build:
     googleCloudBuild:
       projectId: project1
+      availablesecrets: null
 - name: p2
   build:
     cluster: {}
@@ -81,11 +83,13 @@ requires:
 build:
   googleCloudBuild:
     projectId: project1
+    availablesecrets: null
 profiles:
 - name: p1
   build:
     googleCloudBuild:
       projectId: project2
+      availablesecrets: null
 - name: p2
   build:
     cluster: {}
@@ -100,6 +104,7 @@ profiles:
   build:
     googleCloudBuild:
       projectId: project2
+      availablesecrets: null
 `,
 			},
 		},
@@ -131,11 +136,13 @@ requires:
 build:
   googleCloudBuild:
     projectId: project2
+    availablesecrets: null
 profiles:
 - name: p1
   build:
     googleCloudBuild:
       projectId: project1
+      availablesecrets: null
 - name: p2
   build:
     cluster: {}
@@ -157,11 +164,13 @@ requires:
 build:
   googleCloudBuild:
     projectId: project1
+    availablesecrets: null
 profiles:
 - name: p1
   build:
     googleCloudBuild:
       projectId: project2
+      availablesecrets: null
 - name: p2
   build:
     cluster: {}
@@ -176,6 +185,7 @@ profiles:
   build:
     googleCloudBuild:
       projectId: project2
+      availablesecrets: null
 `,
 			},
 		},
@@ -201,11 +211,13 @@ requires:
 build:
   googleCloudBuild:
     projectId: project1
+    availablesecrets: null
 profiles:
 - name: p1
   build:
     googleCloudBuild:
       projectId: project1
+      availablesecrets: null
 - name: p2
   build:
     cluster: {}
@@ -220,6 +232,7 @@ profiles:
   build:
     googleCloudBuild:
       projectId: project1
+      availablesecrets: null
 `,
 			},
 		},

pkg/skaffold/schema/latest/config.go

@@ -19,6 +19,7 @@ package latest
 import (
 	"encoding/json"
 
+	"google.golang.org/api/cloudbuild/v1"
 	v1 "k8s.io/api/core/v1"
 	"sigs.k8s.io/kustomize/kyaml/yaml"
 
@@ -411,6 +412,10 @@ type GoogleCloudBuild struct {
 	// If unspecified, it defaults to the Cloud Build service account generated when
 	// the Cloud Build API is enabled.
 	ServiceAccount string `yaml:"serviceAccount,omitempty"`
+
+	// AvailableSecrets maps to Google Cloud Build availableSecrets value which represents secrets and
+	// secret environment variables this is passed through to google cloud build.
+	AvailableSecrets *cloudbuild.Secrets `json:"availableSecrets,omitempty"`
 }
 
 // PlatformEmulatorInstallStep specifies a pre-build step to install the required tooling for QEMU emulation on the GoogleCloudBuild containers. This enables performing cross-platform builds on GoogleCloudBuild.