Tag: security

Ansible-vault password in Jenkins

 

Ansible is one of my favorite tools. I use them for almost everything – system configuration, servers provisioning, serverless services provisioning and even for calling API that hasn’t its own Ansible module. You can do everything with Ansible! Moreover, you can also use Jenkins to run Ansible. I’m very glad that it’s possible and I use that possibility as often as possible. Of course, only if it makes sense. Also, I’m sure that it’s normal practice, as somebody develops an Ansible plugin for Jenkins. Anyway, one of the very, very important Ansible’s feature is ansible-vault, that allows to encrypt sensitive Continue reading

How to pass credentials to Jenkins pipeline

 

Working with sensitive data is a hard thing nowadays. Especially in a DevOps methodology. New tools and ways of solving problems don’t make it easier. Well, for some reasons, DevSecOps came to life. Almost all systems need some type of credentials – password, API tokens, keys, certificates and so on. In Infrastructure as a Code, Configuration as a Code and other approaches like these mentioned, working with git repositories is necessary. But it’s a very bad practice to store credentials in a plain text. I hope that I don’t need to explain why. Luckily, most of the mature tools have Continue reading

How to use credentials in Jenkins projects?

 

Some time ago I published a post in which I explain how you can create credentials in Jenkins. It’s very important topic because there are several ways to manage the credentials, but not all of them are safe. I showed you in my post how to use Credential Plugin, and it’s enough for adding, storing and managing secrets, but not for using them in the builds. I think this topic should have a separate discussion, so I decided to make this post. So now you will learn how to use credentials in Jenkins projects! Short reminder One can add and manage Continue reading

How to create credentials in Jenkins

 

Every system, application or another solution has some authentication providers. Sometimes it’s a local password storage, sometimes administrator can implement AD (or another LDAP), Radius, OAuth etc. Nobody can reach the system without username and password, private key, secret token etc. Words below are so obvious that I feel stupid for writing them. But anyway it’s a very important entry into my today post – how to create credentials in Jenkins. Because even Jenkins has to use credentials in its projects and builds. If you have ever used Jenkins, you probably know that you can pass username and password as a Continue reading