Created
April 18, 2018 15:11
-
-
Save infamousjoeg/119a7636ae2eda9cc6ec53d145d46440 to your computer and use it in GitHub Desktop.
Example of injecting secrets from CyberArk Conjur into Concourse CI pipelines securely using CyberArk's Summon
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
jobs: | |
- name: job-hello-world | |
public: true | |
plan: | |
- task: hello-world | |
config: | |
platform: linux | |
image_resource: | |
type: docker-image | |
source: {repository: busybox} | |
run: | |
path: env | |
args: [] | |
params: | |
USERNAME: ((username)) | |
PASSWORD: ((password)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
USERNAME: !var test/username | |
PASSWORD: !var test/password |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -eo pipefail | |
summon bash -c 'fly -t main set-pipeline -c pipeline.yml -p helloworld -v username=$USERNAME -v password=$PASSWORD' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment