In order to store secret files (certs, secrets, keys, etc.), within CircleCI, one can can use Akeyless Vault as a third-party secret storage solution.
You need to have an existing repo that is followed by CircleCI (in our example it’s named TestRepo):
- Setup global configuration in your CircleCI project
a. Go into Project Settings:
b. Go into Environment Variables to setup global configuration:
In our example, you would need to configure the following environment variables:
Similarly, you can set your admin_email and admin_password as environment variables:
- Create/update your config.yml file for CircleCI (should be in .circleci/config.yml).
version: 2.1 jobs: build: docker: - image: akeyless/ci_base environment: mysecret: akeyless://mySecret demo_secret: akeyless://demo-secret BASH_ENV: ~/.bashrc steps: - checkout # check out the code in the project directory - run: name: Authenticate to Akeyless command: akeyless auth --admin-email $admin_email --admin-password $admin_password - run: name: Fetch Secret command: echo "mysecret=[$mysecret]" && echo "demo_secret=[$demo_secret]"
Example 2 - supporting Zero Trust Encryption with a customer fragment:
Go into Environment Variables to setup global configuration:
In our example, you would need to configure the following environment variable:
If you have your own Akeyless API Gateway setup - set the URL for the Restful API, otherwise you can use Akeyless Public API Gateway with the following URL:
- Pipeline will be triggered and you'll be able to view your build:
Updated about a month ago