jervis
jervis copied to clipboard
samrocketman
Use Jenkins Credentials inside Jervis
The Jervis documentation mentions "secrets". I see examples here: https://github.com/samrocketman/jervis-secrets-test
But, for use this solution I have to write in the .jervis.yml the secret text. Is there anyway to get a jenkins credentials directly from inside the Jervis?
I imagine something like this:
jenkins:
credentials:
- MY_SECRET_TEXT: id_jenkins_secret_text
- MY_SECRET_USER: id_jenkins_secret_user.USERNAME
- MY_SECRET_PASSWORD: id_jenkins_secret_user.PASSWORD
I’ll consider it to core. However, you can add your own custom workflow library that has an adminSecretsMap var. it would be a key value pair which gets hidden from the console output and injected as environment variables.
https://github.com/samrocketman/jervis/blob/264312a267460133d92adf21aff4dbbbc1564298/vars/buildViaJervis.groovy#L311
For now, no immediate plans.
This extension was added so admins can add any arbitrary secrets support they like via their own groovy code.
I have to install the "Global Variable String Parameter" and it worked. I can setup a variable and use it inside the .jervis.yml.
This plugin could be in the "jenkins-bootstrap-shared" project
I'd rather limit plugins to only those essential to core logic at this time. I don't see myself using that plugin. I may expand the plugins to include metrics as well.
Building your own custom fork of the bootstrapper should be fairly easy. Just a matter of you bootstrapping to the UI. Installing the plugins, and then saving the installed plugins via the bootstrap scripts to generate a new dependencies.gradle.