Open skrishna375 opened 2 years ago
pls try to adjust CASC_VAULT_PATHS=<mountpoint>
/jenkins/controller/
Hi @dshvedchenko ,
We don't have any mountpoint setup in vault, can you help here further and let me know if any information required from my end.
Thanks in advance.
@skrishna375 sorry to respond late, the default mountpoint in vault is secret
. so you can try it
Jenkins and plugins versions report
Environment
```text OS: CentOS 7 Jenkins Version: 2.289.2 Plugins: configuration-as-code: 1.55.1 hashicorp-vault-plugin: 3.8.0 credentials: 2.6.1 ``` I am using GCE to configure Jenkins Controller via Configuration-as-code plugin, while configuring Vault as a secret source provider - could see some difficulties from setting up the Environment variables and connecting to vault to fetch secrets. Queries: 1. Do we have any option "CASC_VAULT_FILE" from Java options like we have as "-Dcasc.jenkins.config" as am managing the installation via Package management and not using Docker/Kubernetes. 2. As an alternative, I had created a file with the following details and then exported to this variable before starting up the Jenkins service but am getting Variable unresolved error as given below. `WARNING i.j.p.c.SecretSourceResolver$UnresolvedLookup#lookup: Configuration import: Found unresolved variable 'test_user'. Will default to empty string` CASC_VAULT_FILE: CASC_VAULT_TOKEN=What Operating System are you using (both controller, and any agents involved in the problem)?
CentOS 7
Reproduction steps
Could replicate the same issue with Jenkins docker lts image for the version 2.289.2
Dockerfile:
Plugins: credentials:2.6.1 configuration-as-code:1.55.1 hashicorp-vault-plugin:3.8.0
Expected Results
Jenkins should be able to fetch secrets from the vault as declared in the configuration Environment variable to configure via Package installation
Actual Results
Unable to fetch values from vault due to the error as mentioned
WARNING i.j.p.c.SecretSourceResolver$UnresolvedLookup#lookup: Configuration import: Found unresolved variable 'test_user'. Will default to empty string
Anything else?
No response