Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-37151

Add support for Vault AWS Secret backend

    XMLWordPrintable

Details

    Description

      I would like to request support for the Vault AWS secret backend. https://www.vaultproject.io/docs/secrets/aws/index.html

      I attempted to modify the sample Jenkinsfile to use a different path, but, the calls create multiple keys. Would it be possible make one call to setup the AWS_ACCESS_KEY_ID and SECRET_ACCESS_KEY?

      Attachments

        Activity

          ptierno Peter Tierno added a comment -

          This was an oversight. I will look into adding this shortly considering the whole reason I wrote the plugin was for use with the aws backend, but havent had the opportunity to test against it yet. Thanks for bringing it to my attention.

          ptierno Peter Tierno added a comment - This was an oversight. I will look into adding this shortly considering the whole reason I wrote the plugin was for use with the aws backend, but havent had the opportunity to test against it yet. Thanks for bringing it to my attention.
          kgatdula Kenny Gatdula added a comment -

          Sounds great. I appreciate your work on this.

          kgatdula Kenny Gatdula added a comment - Sounds great. I appreciate your work on this.
          ptierno Peter Tierno added a comment -

          kgatdula The latest release should fix this issue. It does however change the usage slightly. https://github.com/jenkinsci/hashicorp-vault-plugin

          I just published via maven. It may take time until the plugin is updated in the update center. The new docs are available however in the github readme and the jenkins wiki page: https://wiki.jenkins-ci.org/display/JENKINS/HashiCorp+Vault+Plugin

          I'm going to leave this ticket open until you have the opportunity to test. Take note of the caveats section in the readme/wiki.

          ptierno Peter Tierno added a comment - kgatdula The latest release should fix this issue. It does however change the usage slightly. https://github.com/jenkinsci/hashicorp-vault-plugin I just published via maven. It may take time until the plugin is updated in the update center. The new docs are available however in the github readme and the jenkins wiki page: https://wiki.jenkins-ci.org/display/JENKINS/HashiCorp+Vault+Plugin I'm going to leave this ticket open until you have the opportunity to test. Take note of the caveats section in the readme/wiki.
          kgatdula Kenny Gatdula added a comment -

          ptierno I tried to install this via the update center today with no luck. I downloaded the plugin and installed it manually. it seems to work great. here's a snippet of configuration I ended up using.

          def aws_secrets = [
              [$class: 'VaultSecret', path: 'aws/creds/deploy',
                secretValues: [
                  [$class: 'VaultSecretValue', envVar: 'AWS_ACCESS_KEY_ID', vaultKey: 'access_key'],
                  [$class: 'VaultSecretValue', envVar: 'AWS_SECRET_ACCESS_KEY', vaultKey: 'secret_key']]]
            ]
          
          kgatdula Kenny Gatdula added a comment - ptierno I tried to install this via the update center today with no luck. I downloaded the plugin and installed it manually. it seems to work great. here's a snippet of configuration I ended up using. def aws_secrets = [ [$class: 'VaultSecret' , path: 'aws/creds/deploy' , secretValues: [ [$class: 'VaultSecretValue' , envVar: 'AWS_ACCESS_KEY_ID' , vaultKey: 'access_key' ], [$class: 'VaultSecretValue' , envVar: 'AWS_SECRET_ACCESS_KEY' , vaultKey: 'secret_key' ]]] ]
          ptierno Peter Tierno added a comment -

          kgatdula Thanks for the feed back. Not sure what is taking so long for the 1.1 release to become available via update center. if its not there by the end of the weekend i'll inquire about it. Thanks for the feedback. marking this as resolved.

          ptierno Peter Tierno added a comment - kgatdula Thanks for the feed back. Not sure what is taking so long for the 1.1 release to become available via update center. if its not there by the end of the weekend i'll inquire about it. Thanks for the feedback. marking this as resolved.

          People

            ptierno Peter Tierno
            kgatdula Kenny Gatdula
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: