Jenkins Declarative Pipeline

The Verify Privilege DevOps Vault (VP-DV) Jenkins Plugin allows secrets to be used in a Jenkins build using Declarative Support.

Pipeline Script

In version 1.1.1, dsvSecret can be used in a Pipeline script.

alt

Example

Copy
pipeline {
    agent any
    stages {
        stage("Read DSV secrets") {
            steps {
                script {
                    // define a configuration that can be used for getting many secrets
                    def configuration = [tenant: 'mariia', credentialsId: 'my_dsv_credentials']
                    
                    def DSV_SECRET_VALUE = dsvSecret(config: configuration, secretPath: 'hello-world:secret', secretDataKey: 'mykey'){}
                    sh 'echo "$DSV_SECRET_VALUE"'
                    if (DSV_SECRET_VALUE == 'this is a secret') {
                        echo 'Ok'
                    } else {
                        echo 'Not ok'
                    }
                    
                    def SECRET1 = dsvSecret(config: configuration, secretPath: 'hello-world:jenkins', secretDataKey: 'secret1'){}
                    sh 'echo "$SECRET1"'
                    if (SECRET1 == 'value1') {
                        echo 'Ok'
                    } else {
                        echo 'Not ok'
                    }
                    
                    def SECRET2 = dsvSecret(config: configuration, secretPath: 'hello-world:jenkins', secretDataKey: 'secret2'){}
                    sh 'echo "$SECRET2"'
                    if (SECRET2 == 'value2') {
                        echo 'Ok'
                    } else {
                        echo 'Not ok'
                    }
                    
                }
            }
        }
    }
}

Checking for hidden values can be seen in the console output.

alt