Retrieving secrets from HashiCorp Vault in jenkins pipeline using HashiCorp Vault Plugin
I have setup a connection between my Jenkins and Vault and by using "withVault" method https://www.jenkins.io/doc/pipeline/steps/hashicorp-vault-plugin/#hashicorp-vault-plugin
I am retrieving vault secrets from Vault in my jenkins pipeline. Secret is stored in the environment variable github_token, which is then used to form URL for accessing git in the pipeline. Retrieving secrets works, the problem is, that $github_token variable contains asterisks.
I need it to contain actual value of the the token
def secrets = [
[path: 'ddci/data/test', engineVersion: 2, secretValues: [
[envVar: 'github_token', vaultKey: 'token']
]]
]
def configuration = [vaultUrl: 'https://vault.tools.sap/',
vaultNamespace: 's4',
vaultCredentialId: 'hashicorp_vault',
skipSslVerification: true,
engineVersion: 2]
pipeline { agent any
stages{
stage('use token to authenticate GITHub') {
steps {
withVault([configuration: configuration, vaultSecrets: secrets]) {
sh 'git_url= https://username:${github_token}@github.tools.sap/AZURE-PIPELINES-SYSDEV/decdev-ci-verification'
git url: '$git_url', branch: 'master'
}
}
}
}
}
The $github_token variable doesn't contain asterisks, Jenkins displays any Vault secret using asterisks on console, to protect the real value.
if you want to check the $github_token value, write it to a file in the workspace, doing something like this:
echo $github_token > token.txt
Some other problem is preventing you to access the GitHub server (Is the token correct? Is the path correct? Has the Jenkins node access to the GitHub?). Log to the Jenkins node and try to execute the same command manually.
- Keep numbers which appear in both columns, in J lang
- Differentiation in J
- How to reshape an array with an arbitrary size in one dimension?
- Why is Insert (fold) right associative
- Write 4 : 'x&{.&.;: y' tacitly
- Alignment issue when printing formatted prime numbers in J language
- How can I define a verb in J that applies a different verb alternately to each atom in a list?
- How to get user input in the J programming language
- How to unbox a list of boxed lists of differing lengths in J?
- How can I fix 'noun result was required' error in J?
- In j, how can I define a verb locally in one scope and pass it to a defined adverb?
- Convert boxed array to normal array?
- Read column of CSV file as array
- Replace atom in array of strings
- What does the dyad `=` do to boxed strings?
- Index of minimum element using J
- How can I take the outer product of string vectors in J?
- Building an array of verbs in J
- Reading in multidigit command line parameter
- Amend with bond to new data shows unexpected behaviour
- How to turn a table or matrix into a (flat) list in J
- How to run dissect in J?
- How to define selection using index function in J
- How to exit the J console?
- Find 4-neighbors using J
- Writing custom verbs in J
- How do I negate a selector in J lang?
- How to use arbitrary selector in interchange in J lang?
- different result once square root is added inside tacit
- Sum of arrays with repeated indices