codevalet
/
inline-pipeline-secrets
mirror of https://github.com/codevalet/inline-pipeline-secrets
1
0
Fork 0
Code Issues Releases Wiki Activity
3 Commits 1 Branch 0 Tags 41 KiB
Groovy 100%
Go to file
R. Tyler Croy cd2813bb24
Add the instance-specific caveat 		2017-08-10 10:05:24 -07:00
assets Add an initial version of the shared library 2017-08-09 18:51:39 -07:00
vars Add an initial version of the shared library 2017-08-09 18:51:39 -07:00
.gitignore Add an initial version of the shared library 2017-08-09 18:51:39 -07:00
README.adoc Add the instance-specific caveat 2017-08-10 10:05:24 -07:00

README.adoc

<html lang="en"> <head> </head>

Inline Pipeline Secrets

This is a Pipeline Shared Library which helps support the use of user-defined inline secrets from within a Jenkinsfile.

Warning

This approach relies on Jenkins instance-specific private key which means the encrypted ciphertexts are not portable across Jenkins instances.

Prerequisites

This Shared Library requires that the Pipeline plugin and Mask Passwords plugin installed.

Using

Decrypting Secrets

A Pipeline can use secrets similar to environment variables:

Jenkinsfile
node {
    stage('Deploy') {
        withSecrets(
            AWS_SECRET_ID: '{AQAAABAAAAAQWsBycxCz0x8ouOKJLU9OTvHdsN7kt7+6RAcV2zZJTm4=}'
        ) {
            echo "I should be deploying something with: ${env.AWS_SECRET_ID}"
        }
    }
}
Usage in Blue Ocean

Encrypting Secrets

A Pipeline can be used to offer a user interface for encrypting.

Jenkinsfile
promptUserForEncryption()

API

promptUserForEncryption()

createSecretText()

unsafeSecretAccess()

withSecrets()

Last updated 2024-05-17 20:05:30 UTC
</html>