Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Integration of hashicorp-vault-pipeline-plugin #61

Closed
wants to merge 8 commits into from
Closed

Integration of hashicorp-vault-pipeline-plugin #61

wants to merge 8 commits into from

Conversation

jetersen
Copy link
Member

@jetersen jetersen commented Oct 9, 2019

No description provided.

@jetersen jetersen mentioned this pull request Oct 9, 2019
Closed
@rcomanne
Copy link

Any update on this PR? What is required to merge this?

@jetersen
Copy link
Member Author

I was exploring how to properly hide secrets 😓

@rcomanne
Copy link

I was exploring how to properly hide secrets 😓

Ah okay, I did some quick testing with that as well, but it seemed like it requires a complete rewrite of the current step, as the others I have found, are all build wrappers so they keep control over the context, while our step just injects some values in the environment.
It is possible to combine this step with the withCredentials wrapper that will hide the secrets, so that is how we use the plugin atm.
I did not see a better quick way to implement this, so good luck and looking forward to how you'll solve this!

@rcomanne
Copy link

rcomanne commented Nov 22, 2019
edited
Loading

Hi @Casz, any updates on this PR? Are we still waiting on masking passwords?
We can still use the functionality, users will just have to use the MaskPasswords plugin.

Edit: I just saw there are quite a few changes to VaultAccessor - so I do not think PR will work when merged right now.

timja
timja reviewed Jan 16, 2020
View reviewed changes
README.md
}
```

##### Masking secrets in console output
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In azure-keyvault plugin I used a block scoped step not the environment option and secrets were hidden fine:
https://github.com/jenkinsci/azure-keyvault-plugin#declarative

@ghost
Copy link

ghost commented May 5, 2021

Any updates for these changes? The current https://github.com/jenkinsci/hashicorp-vault-pipeline-plugin is broken

@jetersen
Copy link
Member Author

jetersen commented May 5, 2021
edited
Loading

No longer relevant after #174

Use withVault

@jetersen jetersen closed this May 5, 2021
@ghost
Copy link

ghost commented May 5, 2021

Thanks @jetersen, I didn't know #174 was an option!

If anyone finds this in the future, the PR above makes the withVault syntax mask credentials for pipelines.

Usage docs: https://www.jenkins.io/doc/pipeline/steps/hashicorp-vault-plugin
Example from README.md: https://github.com/jenkinsci/hashicorp-vault-plugin#usage-via-jenkinsfile

@jetersen jetersen deleted the mergePipeline branch May 5, 2021 20:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@timja timja timja left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jetersen @rcomanne @timja @rcomanne-rabobank