Difference between revisions of "HashiCorp Vault secrets in CI jobs as variables"
Jump to navigation
Jump to search
↑ https://about.gitlab.com/releases/2020/09/22/gitlab-13-4-released/#use-hashicorp-vault-secrets-in-ci-jobs
↑ https://docs.gitlab.com/ee/ci/secrets/
(→Usage) |
|||
| Line 9: | Line 9: | ||
== Usage == | == Usage == | ||
| − | secrets: | + | [[secrets]]: |
DATABASE_PASSWORD: | DATABASE_PASSWORD: | ||
vault: production/db/password@ops # translates to secret `ops/data/production/db`, field `password` | vault: production/db/password@ops # translates to secret `ops/data/production/db`, field `password` | ||
Revision as of 08:34, 14 March 2021
Use HashiCorp Vault secrets in CI jobs as variables [1] [2]
Configuration
- VAULT_SERVER_URL - The URL of your Vault server, such as https://vault.example.com:8200. Required.
- VAULT_AUTH_ROLE - (Optional) The role to use when attempting to authenticate. If no role is specified, Vault uses the default role specified when the authentication method was configured.
- VAULT_AUTH_PATH - (Optional) The path where the authentication method is mounted, default is jwt.
Usage
secrets: DATABASE_PASSWORD: vault: production/db/password@ops # translates to secret `ops/data/production/db`, field `password`
See also
- GitLab: Install GitLab, Upgrade GitLab Gitlab runner (changelog),
gitlab.rb, .gitlab/, gitlab-ci.yml,gitlab-ctl, gitlab-rake, gitlab-backup, gitlab-rails, GitLab editions, GitLab Security Dashboards, GitLab environments, GitLab environment variables, Auto DevOps, permissions, GitLab Pages,gitlab-rails, GitLab scheduled pipelines, GitLab logs, GitLab changelog , GitLab Release CLI, GitLab Omnibus, GitLab Advanced Search, GitLab container registry, GitLab infrastructure registry
Advertising:
