This plugin adds a build wrapper to set Jenkins environment variables from an Akeyless Vault secret.
Secrets are generally masked in the build log, so you can't accidentally print them.
It also has the ability to inject Vault credentials into a build pipeline or freestyle job for fine-grained vault interactions.
Click “Manage Jenkins”:
Click “Manage Plugins”:
Find Vault plugin and click install:
In the Main page, click “New Item”, and then select “Freestyle project”:
Go to “Build Environment”, check the “Vault Plugin”, add the vault URL and click “Add” in “Vault Credential”:
Fill the following fields, for this step you should use dedicated vault token:
The token should be in the following structure: <access_id>..<access_key>
Choose the created vault credential , and click “Advanced”:
Fill the following fields and click “Add a Vault secret”:
Fill the following:
In Build, click “Execute shell”:
Copy the following into the command box:
mysql --host host.docker.internal --port 3306 --user=$USER --password=$PASS -e 'select user,host from mysql.user where user like "root";' exit 0
Click “Apply” and “Save”.
Click “Build Now” and expect to see the following Console Output:
The below screen demonstrates how to configure static secrets:
Updated 3 months ago