search

jenkinsci / nomad-plugin

Nomad cloud plugin for Jenkins
https://plugins.jenkins.io/nomad/
MIT License
56 stars 41 forks source link

Support Vault Integration #58

Closed julian-haase closed 3 years ago

julian-haase commented 5 years ago

Hey there, it would be great if this plugin also supports nomad vault integration https://www.nomadproject.io/docs/vault-integration/index.html and https://www.nomadproject.io/docs/job-specification/template.html#vault-kv-api-v1. Unlike Jenkins Secrets, it allows you to retrieve Secrets at container runtime, without telling the Jenkins slave where to get the necessary Secrets for the upcoming build process. I think this is the intended way to interact with Nomad and Vault.

In my opinion, this requires the following two things:

  1. specify a policy for getting a valid token (https://www.nomadproject.io/docs/job-specification/vault.html)
  2. define a template stanza to retrieve the secrets (https://www.nomadproject.io/docs/job-specification/template.html#vault-kv-api-v2)
phedoreanu commented 5 years ago

Hey @julian-haase

Feel free submit a PR, if you have time and energy!

josemaia commented 3 years ago

PR submitted for this issue, #69

phedoreanu commented 3 years ago

Merged. Thanks!