/
Jenkinsfile
63 lines (63 loc) · 1.8 KB
/
Jenkinsfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
pipeline {
agent any
parameters {
string(name: 'vaulturl', defaultValue: 'http://host.docker.internal:9200', description: 'Vault API URL')
string(name: 'vaultpath', defaultValue: 'kv/cicd', description: 'Secrets path for Vault secrets')
}
stages {
stage ('One') {
steps {
withVault(
configuration: [
failIfNotFound: true,
timeout: 10,
vaultCredentialId: 'vault-app-role',
vaultUrl: "${params.vaulturl}"
],
vaultSecrets: [
[
path: "${params.vaultpath}",
secretValues: [
[envVar: 'tfetoken', vaultKey: 'tfe_token'],
[envVar: 'tfeorg', vaultKey: 'tfe_org']
]
]
]
) {
echo "${env.tfetoken}"
sh """
curl -H "Authorization: Bearer ${env.tfetoken}" \
-H "Content-Type: application/vnd.api+json" \
-X GET https://app.terraform.io/api/v2/organizations/${env.tfeorg}/workspaces
echo 'Hello'
"""
}
}
}
stage ('Two') {
steps {
withVault(
configuration: [
failIfNotFound: true,
timeout: 10,
vaultCredentialId: 'vault-app-role',
vaultUrl: "${params.vaulturl}"
],
vaultSecrets: [
[
path: "${params.vaultpath}",
secretValues: [
[envVar: 'ghuser', vaultKey: 'gh_user'],
[envVar: 'ghtoken', vaultKey: 'gh_token']
]
]
]
) {
sh """
curl -H "Authorization: ${ghtoken}" "https://api.github.com/users/${ghuser}/repos" | grep -o "git@[^\\"]*"
"""
}
}
}
}
}