Skip to content

Instantly share code, notes, and snippets.

@rogmanster

rogmanster/jenkinsfile

Created April 23, 2020 18:02
Show Gist options
  • Save rogmanster/55e0555906de947737b0ace07fd5e174 to your computer and use it in GitHub Desktop.
Save rogmanster/55e0555906de947737b0ace07fd5e174 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
jenkinsfile
pipeline {
agent any
stages {
stage('Integration Tests') {
steps {
sh 'curl -s -o vault.zip https://releases.hashicorp.com/vault/1.4.0/vault_1.4.0_linux_amd64.zip ; yes | unzip vault.zip'
withCredentials([string(credentialsId: 'JENKINS_VAULT_ADDR', variable: 'VAULT_ADDR'),string(credentialsId: 'JENKINS_VAULT_TOKEN', variable: 'VAULT_TOKEN')]) {
sh '''
set +x
## ENV
export VAULT_ADDR=${VAULT_ADDR}
export VAULT_TOKEN=${VAULT_TOKEN}
## Vault Cluster
./vault status
## Get Role_ID and Secret_ID
echo
role_id=$(./vault read -field=role_id auth/approle/role/jenkins/role-id)
secret_id=$(./vault write -f -field=secret_id auth/approle/role/jenkins/secret-id)
echo
echo "role_id: $role_id"
echo "secret_id: $secret_id"
## Get Vault Token (show output)
echo
./vault write auth/approle/login role_id=$role_id secret_id=$secret_id
## Set Vault Token
echo
vault_token=$(./vault write -field=token auth/approle/login role_id=$role_id secret_id=$secret_id)
echo "vault_token: $vault_token"
## Vault login and fetch secret
echo
./vault login $vault_token
echo
./vault kv get secret/mycred
'''
}
}
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment