CircleCI Plugin

CircleCI Plugin

In order to store secret files (certs, secrets, keys, etc.), within CircleCI, one can can use Akeyless Vault as a third-party secret storage solution.

Prerequsites

You need to have an existing repo that is followed by CircleCI (in our example it’s named TestRepo):

Configuration

  1. Setup global configuration in your CircleCI project
    a. Go into Project Settings:

b. Go into Environment Variables to setup global configuration:
In our example, you would need to configure the following environment variables:

  • access_id
  • access_key

Similarly, you can set your admin_email and admin_password as environment variables:

  1. Create/update your config.yml file for CircleCI (should be in .circleci/config.yml).

Example 1

version: 2.1
jobs:
  build:
    docker:
      - image: akeyless/ci_base
    environment:
      mysecret: akeyless://MySecret1
      demo_secret: akeyless://api-gw
      BASH_ENV: ~/.akeyless/akeyless_env.sh
    steps:
      - checkout # check out the code in the project directory
      - run:
          name: Authenticate to Akeyless
          command: akeyless auth --admin-email $admin_email --admin-password $admin_password
      - run:
          name: Fetch Akeyless secrets
          command: echo "mysecret=[$mysecret]" && echo "demo_secret=[$demo_secret]"

📘

Note:

You can choose any Authentication Method. Please make sure this Authentication Method have access to your secret.

Example 2 - supporting Zero Trust Encryption with a customer fragment:
Go into Environment Variables to setup global configuration:
In our example, you would need to configure the following environment variable:

  • AKEYLESS_API_GW_URL

If you have your own Akeyless Gateway setup - set the URL for the Restful API, otherwise you can use Akeyless Public Gateway with the following URL:
https://rest.akeyless.io

  1. Pipeline will be triggered and you'll be able to view your build: