Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-62701

Allow filtering credentials by multiple tags OR'd together

    XMLWordPrintable

    Details

    • Similar Issues:
    • Released As:
      0.4.0

      Description

      We have multiple Jenkins systems running in the same AWS account. In that account we also have some common secrets that all the Jenkins systems should have access to as well as some system-specific secrets that should only be accessible on the Jenkins system they are intended for.  For example:

       

      secret: jenkins/common/some-common-secret

      secret: jenkins/A/secret-A

      secret: jenkins/B/secret-B

       

      If we have two Jenkins instances (JenkinsA and JenkinsB) running in this account we'd like to be able to apply filters so that jenkins/A/secret-A shows up on JenkinsA, jenkins/B/secret-B shows up on JenkinsB, and jenkins/common/some-common-secret shows up on both JenkinsA & JenkinsB.

       

      As far as I can tell right now we can only apply a single tag to filter credentials.  If we could apply multiple filter tags we could achieve what we're looking for.

       

      Another option could be to only show the credentials that the IAM role in use has secretsmanager:GetSecretValue permissions for.

        Attachments

          Issue Links

            Activity

            Hide
            chriskilding Chris Kilding added a comment -

            The implementation is complete and ready for testing.

            Brian Clark - would you like to test the feature in one of your (non-production) Jenkins servers? If so I can upload a beta build of the plugin here.

            Show
            chriskilding Chris Kilding added a comment - The implementation is complete and ready for testing. Brian Clark - would you like to test the feature in one of your (non-production) Jenkins servers? If so I can upload a beta build of the plugin here.
            Hide
            clarkbrianj Brian Clark added a comment -

            Hey Chris,

            Thanks for working on this so quickly.  I'd definitely like to try testing your new changes if you have a beta version for me to try out.

            Show
            clarkbrianj Brian Clark added a comment - Hey Chris, Thanks for working on this so quickly.  I'd definitely like to try testing your new changes if you have a beta version for me to try out.
            Hide
            chriskilding Chris Kilding added a comment - - edited

            Hi Brian,

            You can download the beta build of the plugin .hpi here:

             https://repo.jenkins-ci.org/incrementals/io/jenkins/plugins/aws-secrets-manager-credentials-provider/0.3.1-rc64.867c9e16a12c/aws-secrets-manager-credentials-provider-0.3.1-rc64.867c9e16a12c.hpi

            When you install it, if you had a (single) tag filter previously set up it should be migrated to the new format.

            Show
            chriskilding Chris Kilding added a comment - - edited Hi Brian, You can download the beta build of the plugin .hpi here:   https://repo.jenkins-ci.org/incrementals/io/jenkins/plugins/aws-secrets-manager-credentials-provider/0.3.1-rc64.867c9e16a12c/aws-secrets-manager-credentials-provider-0.3.1-rc64.867c9e16a12c.hpi When you install it, if you had a (single) tag filter previously set up it should be migrated to the new format.
            Hide
            clarkbrianj Brian Clark added a comment -

            Hey Chris,

             

            Sorry for the long delay. We tested the beta build of the plugin and it worked.  We tried configuring the tags through the GUI as well as through JCaSC and both worked well.

            Show
            clarkbrianj Brian Clark added a comment - Hey Chris,   Sorry for the long delay. We tested the beta build of the plugin and it worked.  We tried configuring the tags through the GUI as well as through JCaSC and both worked well.
            Hide
            chriskilding Chris Kilding added a comment -

            released

            Show
            chriskilding Chris Kilding added a comment - released

              People

              Assignee:
              chriskilding Chris Kilding
              Reporter:
              clarkbrianj Brian Clark
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: