HashiCorp Vault secrets in CI jobs as variables

From wikieduonline

Revision as of 08:33, 14 March 2021 by Welcome (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Use HashiCorp Vault secrets in CI jobs as variables ^[1] ^[2]

Configuration

VAULT_SERVER_URL - The URL of your Vault server, such as https://vault.example.com:8200. Required.
VAULT_AUTH_ROLE - (Optional) The role to use when attempting to authenticate. If no role is specified, Vault uses the default role specified when the authentication method was configured.
VAULT_AUTH_PATH - (Optional) The path where the authentication method is mounted, default is jwt.

Usage

secrets:
  DATABASE_PASSWORD:
    vault: production/db/password@ops  # translates to secret `ops/data/production/db`, field `password`

See also

GitLab: Install GitLab, Upgrade GitLab Gitlab runner (changelog), gitlab.rb, .gitlab/, gitlab-ci.yml, gitlab-ctl, gitlab-rake, gitlab-backup, gitlab-rails, GitLab editions, GitLab Security Dashboards, GitLab environments, GitLab environment variables, Auto DevOps, permissions, GitLab Pages, gitlab-rails, GitLab scheduled pipelines, GitLab logs, GitLab changelog , GitLab Release CLI, GitLab Omnibus, GitLab Advanced Search, GitLab container registry, GitLab infrastructure registry

↑ https://about.gitlab.com/releases/2020/09/22/gitlab-13-4-released/#use-hashicorp-vault-secrets-in-ci-jobs

↑ https://docs.gitlab.com/ee/ci/secrets/

Retrieved from "https://www.wikieduonline.com/index.php?title=HashiCorp_Vault_secrets_in_CI_jobs_as_variables&oldid=50814"

Advertising: