Jenkins
The Jenkins allows environment variables to be set within the execution of jobs. It also allows safe storage of values that can be used within these same pipelines without exposure. The administrator's challenge is ensuring that these same variables are automatically rotated.
Through Jenkins' native architecture, senhasegura enables variables to be set at pipeline runtime through our Jenkins plugin.
In addition, to ensure better governance for administrators, all variables that are available in the Job environment will be sent to senhasegura DSM .
Installing Jenkins plugin
To install the senhasegura Jenkins plugin, using the .hpi
plugin file, follow the steps bellow:
Access your Jenkins account;
On the home page, click on the Manage Jenkins option on the side menu;
Click on the option Manage Plugins;
On the Advanced tab, select the plugin file on your computer;
Click the Upload button;
To finish the installation, restart Jenkins;
Secret injection in Jenkins pipelines
To configure the senhasegura Jenkins plugin you need to have a Client ID and Client Secret for authentication via API. To generate the access keys, follow the steps described dsm-register-auth and dsm-view-auth sections of this manual.
To configure the plugin, follow these steps:
Access your Jenkins account;
Create an Job or select an existing one;
In the side menu, click on the option Configure;
Scroll down to the Build Environment session and activate the use of the senhasegura DSM Plugin;
In the senhasegura URL field, enter the senhasegura instance IP or hostname;
Click on Add button to create a new credential;
At the opened window, select the senhasegura Auth Credential option into Kind field;
Fill the fields Client ID, Client Secret and Description and click at Add button;
Finally, in the senhasegura Auth Credential field, select a credential to be injected;