CredentialsPlugin should support unique credentials for different TerraformEnvironmentStages #213
Comments
|
From @dkolb : OverviewCurrently Credentials Plugin only supports the build stage and Username/Password credentail types. The current use case I have requires mapping credentials onto TF_VAR_blah environment variables in the environment stages. Furthermore, some of these credentials are of the Current WorkaroundsCurrently I'm moving to decorating each stage directly in the Jenkinsfile for now. def validate = new TerraformValidateStage()
def deployDev = new TerraformEnvironmentStage('dev')
deployDev.decorate(TerraformEnvironmentStage.ALL, { closure ->
withCredentials([
usernamePassword(
credentialsId: 'some-user'
usernameVariable: 'TF_VAR_some_user',
passwordVariable: 'TF_VAR_some_passord'
),
string(
credentialsId: 'some-secret',
variable: 'TF_VAR_some_secret'
)
]) {
closure()
}
})
validate
.then(deployDev)
.build() |
|
(Migrated from the issue I didn't notice you closed) At the risk of being less DRY perhaps credentials and environment variables should be a first-class object you apply to a particular stage instance rather than a plugin? It seems mapping various "things" into the environment of each stage is something that needs to be directly supported through a common interface on the stages themselves than being deferred to the plugin system. |
|
I think you're right - the more I think about it, the more it feels like a first-class object. I think you're right that I started carving out a common interface, and immediately hit a snag with TerraformEnvironmentStage - you can decorate specific areas (plan/apply), which is different from TerraformValidateStage/Build/Regression, where you basically just decorate the whole-thing/one-thing. The common interface could be |
The text was updated successfully, but these errors were encountered: