Difference between revisions of "HashiCorp Vault secrets in CI jobs as variables"
Jump to navigation
Jump to search
↑ https://about.gitlab.com/releases/2020/09/22/gitlab-13-4-released/#use-hashicorp-vault-secrets-in-ci-jobs
↑ https://docs.gitlab.com/ee/ci/secrets/
(3 intermediate revisions by the same user not shown) | |||
Line 9: | Line 9: | ||
== Usage == | == Usage == | ||
− | secrets: | + | [[secrets]]: |
DATABASE_PASSWORD: | DATABASE_PASSWORD: | ||
vault: production/db/password@ops # translates to secret `ops/data/production/db`, field `password` | vault: production/db/password@ops # translates to secret `ops/data/production/db`, field `password` | ||
+ | |||
+ | |||
+ | == Related commands == | ||
+ | * <code>[[vault policy write]]</code> | ||
+ | * <code>[[vault auth enable jwt]]</code> | ||
+ | * <code>[[vault write auth/jwt/config]]</code> | ||
== See also == | == See also == |
Latest revision as of 08:37, 14 March 2021
Use HashiCorp Vault secrets in CI jobs as variables [1] [2]
Configuration[edit]
- VAULT_SERVER_URL - The URL of your Vault server, such as https://vault.example.com:8200. Required.
- VAULT_AUTH_ROLE - (Optional) The role to use when attempting to authenticate. If no role is specified, Vault uses the default role specified when the authentication method was configured.
- VAULT_AUTH_PATH - (Optional) The path where the authentication method is mounted, default is jwt.
Usage[edit]
secrets: DATABASE_PASSWORD: vault: production/db/password@ops # translates to secret `ops/data/production/db`, field `password`
Related commands[edit]
See also[edit]
- GitLab: Install GitLab, Upgrade GitLab Gitlab runner (changelog),
gitlab.rb, .gitlab/, gitlab-ci.yml
,gitlab-ctl, gitlab-rake, gitlab-backup, gitlab-rails
, GitLab editions, GitLab Security Dashboards, GitLab environments, GitLab environment variables, Auto DevOps, permissions, GitLab Pages,gitlab-rails
, GitLab scheduled pipelines, GitLab logs, GitLab changelog , GitLab Release CLI, GitLab Omnibus, GitLab Advanced Search, GitLab container registry, GitLab infrastructure registry
Advertising: