HashiCorp Vault secrets in CI jobs as variables
Jump to navigation
Jump to search
↑ https://about.gitlab.com/releases/2020/09/22/gitlab-13-4-released/#use-hashicorp-vault-secrets-in-ci-jobs
↑ https://docs.gitlab.com/ee/ci/secrets/
Use HashiCorp Vault secrets in CI jobs as variables [1] [2]
Configuration
- VAULT_SERVER_URL - The URL of your Vault server, such as https://vault.example.com:8200. Required.
- VAULT_AUTH_ROLE - (Optional) The role to use when attempting to authenticate. If no role is specified, Vault uses the default role specified when the authentication method was configured.
- VAULT_AUTH_PATH - (Optional) The path where the authentication method is mounted, default is jwt.
Usage
secrets: DATABASE_PASSWORD: vault: production/db/password@ops # translates to secret `ops/data/production/db`, field `password`
Related commands
See also
- GitLab: Install GitLab, Upgrade GitLab Gitlab runner (changelog),
gitlab.rb, .gitlab/, gitlab-ci.yml
,gitlab-ctl, gitlab-rake, gitlab-backup, gitlab-rails
, GitLab editions, GitLab Security Dashboards, GitLab environments, GitLab environment variables, Auto DevOps, permissions, GitLab Pages,gitlab-rails
, GitLab scheduled pipelines, GitLab logs, GitLab changelog , GitLab Release CLI, GitLab Omnibus, GitLab Advanced Search, GitLab container registry, GitLab infrastructure registry
Advertising: