-
New Feature
-
Resolution: Unresolved
-
Minor
-
None
Configuration as code plugin allows for credentials to be retrieved from places that aren't direct strings. It would be nice if job-dsl could do this too. Namely useful to create folderCredentialsProperty that are retrieved from places that aren't git.
In my case for example, this would be from AWS SSM parameter, but other examples would be HC Vault, AWS Secrets Manager. Could potentially go even further and check in encrypted values, and using plugins it can be decrypted AWS/GCP KMS and the decrypted value would be used.
Something like this for example:
folder("test") { description 'The folder contains all jobs for regular tests' properties { folderCredentialsProperty { domainCredentials { domainCredentials { domain { name("test") description("Credentials necessary for our tests") } credentials { usernamePasswordCredentialsImpl { scope("GLOBAL") id("test_user_id") description("User for deployments on test environment") username(ssmParameter("/path/to/parameter/username")) password(ssmParameter("/path/to/parameter/password")) } } } } } } }
I attempted to implement something like this myself, by including a groovy script that would retrieve and return said value and use the additionalClassPath property, but it seems third party libraries aren't usable even when the necessary classes do exist (i.e. the AWS plugin has been installed for example).
