Details

    • Similar Issues:

      Description

      Provide example how to use HashiCorp Vault Plugin with Jenkins Declarative Pipeline.

        Attachments

          Activity

          Hide
          ptierno Peter Tierno added a comment -

          My initial testing failed when using this in a declarative pipeline. Will see what needs done to get it working and document.

          Show
          ptierno Peter Tierno added a comment - My initial testing failed when using this in a declarative pipeline. Will see what needs done to get it working and document.
          Hide
          sean_middleton Sean Middleton added a comment -

          Hi, was there any update on this issue in the end? Looking to use the Vault plugin with a declarative pipeline but some information I've read suggests declarative pipelines aren't currently supported with the Vault plugin? 

          Show
          sean_middleton Sean Middleton added a comment - Hi, was there any update on this issue in the end? Looking to use the Vault plugin with a declarative pipeline but some information I've read suggests declarative pipelines aren't currently supported with the Vault plugin? 
          Hide
          teh_leet Arturas R added a comment -

          Hope it helps

          pipeline {
            agent none
            stages {
              stage('Vault') {
                  agent {
                    node {
                      label 'linux'
                    }
                  }
          
                  steps {
                    script {
                      node {
                        // define the secrets and the env variables
                        def secrets = [
                          [$class: 'VaultSecret', path: 'secret/testing', secretValues: [
                            [$class: 'VaultSecretValue', envVar: 'testing', vaultKey: 'value_one'],
                            [$class: 'VaultSecretValue', envVar: 'testing_again', vaultKey: 'value_two']]],
                          [$class: 'VaultSecret', path: 'secret/another_test', secretValues: [
                            [$class: 'VaultSecretValue', envVar: 'another_test', vaultKey: 'value']]]
                        ]
          
                        // optional configuration, if you do not provide this the next higher configuration
                        // (e.g. folder or global) will be used
                        def configuration = [$class: 'VaultConfiguration',
                                            vaultUrl: 'http://my-very-other-vault-url.com',
                                            vaultCredentialId: 'my-vault-cred-id']
          
                        // inside this block your credentials will be available as env variables
                        wrap([$class: 'VaultBuildWrapper', configuration: configuration, vaultSecrets: secrets]) {
                          sh 'echo $testing'
                          sh 'echo $testing_again'
                          sh 'echo $another_test'
                        }
                      }
                    }
                  }
                }
              }
            }
          }
          
          Show
          teh_leet Arturas R added a comment - Hope it helps pipeline { agent none stages { stage( 'Vault' ) { agent { node { label 'linux' } } steps { script { node { // define the secrets and the env variables def secrets = [ [$class: 'VaultSecret' , path: 'secret/testing' , secretValues: [ [$class: 'VaultSecretValue' , envVar: 'testing' , vaultKey: 'value_one' ], [$class: 'VaultSecretValue' , envVar: 'testing_again' , vaultKey: 'value_two' ]]], [$class: 'VaultSecret' , path: 'secret/another_test' , secretValues: [ [$class: 'VaultSecretValue' , envVar: 'another_test' , vaultKey: 'value' ]]] ] // optional configuration, if you do not provide this the next higher configuration // (e.g. folder or global) will be used def configuration = [$class: 'VaultConfiguration' , vaultUrl: 'http: //my-very-other-vault-url.com' , vaultCredentialId: 'my-vault-cred-id' ] // inside this block your credentials will be available as env variables wrap([$class: 'VaultBuildWrapper' , configuration: configuration, vaultSecrets: secrets]) { sh 'echo $testing' sh 'echo $testing_again' sh 'echo $another_test' } } } } } } } }

            People

            • Assignee:
              ptierno Peter Tierno
              Reporter:
              tsutsarin_fuib Nikolay Tsutsarin
            • Votes:
              3 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated: