You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Under advance usage within the readme it suggests that multi-field credentials support isn't available yet. For us, we use key value secrets within secrets manager (stored as json) and currently use the readJson method. While this is ok if our pipeline only needed 1-2 secrets we however use many. It seems impractical to use withCredentials and readJson on every step that requires secrets. Additionally making the credential string available as an env var seems to me like a fairly big security concern given that the secret could just be echod out with printenv. Is there an alternative I method for using this I am not seeing or is there room for an enhancement of this plugin? thanks.
Upstream changes
No response
The text was updated successfully, but these errors were encountered:
Hi, you are correct that at the moment generic multi-field credentials (stored in JSON) are not natively supported within the plugin; you must use the readJson method instead for that.
If you just want to use the standard credential types (SSH key, username+password, certificate) however, those are supported - see the README for details.
If you use Jenkins Configuration as Code, and you really do need support for arbitrary multi-field credential types outside of the standard ones (e.g. vendor specific credentials which consist of two or more secret fields), you have another option in the form of the https://github.com/jenkinsci/aws-secrets-manager-secret-source-plugin. That plugin is the low-level counterpart of this one and works at the level of casc.yaml.
You mention that you use 'many' secrets per job - how many are you typically using? (Depending on the problem you're running into, there may potentially be a usability limitation with the withCredentials API - which would affect more credentials providers than just this one.)
Is there some plans to support json formatted AWS secrets in near future without any tricks?
I am having json secret in AWS secrets manager which is expected to be available in Jenkins secrets (via this plugin) and used directly there by Google Compute engine cloud node configuration, i.e. there is not any possibility to pipeline steps with readJson between.
What feature do you want to see added?
Under advance usage within the readme it suggests that multi-field credentials support isn't available yet. For us, we use key value secrets within secrets manager (stored as json) and currently use the readJson method. While this is ok if our pipeline only needed 1-2 secrets we however use many. It seems impractical to use withCredentials and readJson on every step that requires secrets. Additionally making the credential string available as an env var seems to me like a fairly big security concern given that the secret could just be echod out with printenv. Is there an alternative I method for using this I am not seeing or is there room for an enhancement of this plugin? thanks.
Upstream changes
No response
The text was updated successfully, but these errors were encountered: