As a DevOps engineer at Cloudify.co I am building a new CI/CD pipeline based on Kubernetes and Jenkins. I store my secrets in the vault and in this article I will describe my experience with the integration of vault into a Jenkins pipeline.

Image for post

What is HashiCorp’s Vault?

Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, and more. Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log.

https://www.vaultproject.io/

What is Jenkins Pipeline?

What is Jenkins Pipeline?

Image for post

Jenkins Pipeline (or simply “Pipeline” with a capital “P”) is a suite of plugins which supports implementing and integrating continuous delivery pipelines into Jenkins.

https://www.jenkins.io/doc/book/pipeline/

Prerequisites:

  • Vault Installed
  • Jenkins Installed
  • Basic knowledge on Jenkins

What you will learn from this post?

  • How to authenticate Jenkins to vault using AppRole and Jenkins’s HashiCorp Vault plugin
  • Pull vault’s secrets from Jenkins declarative pipeline

#cloudify #jenkins #vault #hashicorp-vault #jenkins-pipeline

How To Read Vault’s Secrets from Jenkin’s Declarative Pipeline
29.75 GEEK