Jenkins Declarative Pipeline
The Verify Privilege DevOps Vault (VP-DV) Jenkins Plugin allows secrets to be used in a Jenkins build using Declarative Support.
Pipeline Script
In version 1.1.1, dsvSecret
can be used in a Pipeline script.
Example
Copy
pipeline {
agent any
stages {
stage("Read DSV secrets") {
steps {
script {
// define a configuration that can be used for getting many secrets
def configuration = [tenant: 'mariia', credentialsId: 'my_dsv_credentials']
def DSV_SECRET_VALUE = dsvSecret(config: configuration, secretPath: 'hello-world:secret', secretDataKey: 'mykey'){}
sh 'echo "$DSV_SECRET_VALUE"'
if (DSV_SECRET_VALUE == 'this is a secret') {
echo 'Ok'
} else {
echo 'Not ok'
}
def SECRET1 = dsvSecret(config: configuration, secretPath: 'hello-world:jenkins', secretDataKey: 'secret1'){}
sh 'echo "$SECRET1"'
if (SECRET1 == 'value1') {
echo 'Ok'
} else {
echo 'Not ok'
}
def SECRET2 = dsvSecret(config: configuration, secretPath: 'hello-world:jenkins', secretDataKey: 'secret2'){}
sh 'echo "$SECRET2"'
if (SECRET2 == 'value2') {
echo 'Ok'
} else {
echo 'Not ok'
}
}
}
}
}
}
Checking for hidden values can be seen in the console output.