Skip to content
This repository has been archived by the owner on Nov 22, 2023. It is now read-only.

Create Jenkins plugin for keywhiz - feedback #300

Open
452 opened this issue Jan 5, 2017 · 1 comment
Open

Create Jenkins plugin for keywhiz - feedback #300

452 opened this issue Jan 5, 2017 · 1 comment

Comments

@452
Copy link

452 commented Jan 5, 2017
edited

I am now at a crossroads between choice Keywhiz and vaultproject

vaultproject have Jenkins plugin https://wiki.jenkins-ci.org/display/JENKINS/HashiCorp+Vault+Plugin

but I love Java =), and think about a choice Keywhiz, but hesitate which choose

please provide Jenkins plugin for Jenkins Pipeline (https://wiki.jenkins-ci.org/display/JENKINS/Pipeline+Plugin) and Jenkins UI

we have the next infrastructure, AWS EC2, ECR, ECS, RDS, (Docker) (JBoss Fuse, Tomcat) (dev, qa, staging, prod)

be better to see some examples how to integrate Jenkins, AWS, Docker with Keywhiz
Docker can read credentials on run container step https://github.com/452/docker/blob/master/java-swing/run.sh#L2

#!/bin/bash
APPLICATION=${APPLICATION:-ZONE51}
TIMEOUT=${TIMEOUT:-25000}
BACKEND_AUTH_ENDPOINT=${BACKEND_AUTH_ENDPOINT:-https://my.com/am-auth}
BACKEND_ENDPOINT=${BACKEND_ENDPOINT:-https://my.com/hello}
JMS_BROKER_URL=${JMS_BROKER_URL:-tcp://my.com:61616}
JMS_BROKER_USER=${JMS_BROKER_USER:-myprod}
JMS_BROKER_PASSWORD=${JMS_BROKER_PASSWORD:-999}
GOOGLE_ANALYTICS_ACCOUNT=${GOOGLE_ANALYTICS_ACCOUNT:-UA-999}

cat << EOF > $CATALINA_BASE/conf/zone51.properties
rest.client.application = $APPLICATION
rest.client.timeout = $TIMEOUT
backend.auth.endpoint = $BACKEND_AUTH_ENDPOINT
backend.endpoint = $BACKEND_ENDPOINT
jms.broker.url = $JMS_BROKER_URL
jms.broker.user = $JMS_BROKER_USER
jms.broker.password = $JMS_BROKER_PASSWORD
google.analytics.account = $GOOGLE_ANALYTICS_ACCOUNT
EOF

exec /usr/local/bin/run

and also if you can please provide in documentation some info about how to integrate or use with centralized configuration management/Consul/etcd/
https://github.com/cfg4j/cfg4j
http://cloud.spring.io/spring-cloud-config/spring-cloud-config.html

Also need support for infrastructure as code IaC
https://github.com/jhaals/ansible-vault
https://www.terraform.io/docs/providers/index.html

this message just feedback - for Improve Keywhiz for production ready
@mcpherrinm
Copy link
Contributor

While that seems useful, it's unlikely that I or anyone on my team is going to have the time or expertise to write a Jenkins plugin, as we don't use Jenkins much.

I'll keep this issue open for now, and look into what this entails at some point.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mcpherrinm @452