Comments (5)
@maqzee-git after several attempts at different approaches to multi-tenancy, multi-environment, and folders support, I've finally got an approach which should work with and support all of those...
Basically I'm implementing folders support for the credentials provider (using the OSS Cloudbees Folders Plugin) downstream in a new plugin, https://github.com/chriskilding/aws-secrets-manager-credentials-provider-folders-plugin
The idea is this will behave very similarly to the main plugin (supports all the same credential types, and configuration properties), with 2 differences:
- The plugin is configured at the folder level (on the Cloudbees Folder object's properties), not the global level
- Credentials from the extension plugin are scoped to the folder-level (i.e. only visible in the relevant folder and its subfolders)
In future, you'll be able to use this plugin and the extension plugin in 3 different ways:
- Together: This means you'll get both global credentials from this plugin, and folder-scoped credentials from the extension
- Just global credentials: Use just this plugin like you do today, and you'll only get global-scoped credentials
- Just folder credentials: Use only the extension plugin (which will be decoupled from this plugin in the future), and you will only get folder-scoped credentials
I'm looking for initial feedback on a super early stage version of it, so if you (or anyone watching this issue) would like to alpha test it and provide feedback, please head over to chriskilding/aws-secrets-manager-credentials-provider-folders-plugin#1 and indicate your interest :)
from aws-secrets-manager-credentials-provider-plugin.
Hi, folder support is a feature that has not been implemented in the plugin so far. However, off the top of my head, it could potentially be implemented. Perhaps with a new tag on the Secrets Manager secret which says which folder to restrict it to.
from aws-secrets-manager-credentials-provider-plugin.
Thanks for the update chris - do you know how long would it take to include this feature ?
from aws-secrets-manager-credentials-provider-plugin.
Looping in @edwardprzeniczny @NoamGoren @tuxy85 @alandevine
from aws-secrets-manager-credentials-provider-plugin.
I just stumbled upon this. Is there any development going on anymore on this? We would benefit of this feature on our multi-tenant Jenkins instance. @chriskilding
from aws-secrets-manager-credentials-provider-plugin.
Related Issues (20)
- Can we pass googleoauth2 parameters in the helm chart with this plugin HOT 2
- when we use filters option and deploy jenkins with configuration as code, plugin is not able to read if secrets are more than 10 HOT 6
- Support AWS credentials HOT 2
- Icons don't display for "SSH User Private Key" & "Certificate" credentials types HOT 4
- Support for browerstack credential kind HOT 2
- Cross-account role access doesn't appear to work HOT 3
- Make this plugin configurable at folder level, not just centrally HOT 7
- AWS EKS 1.24 client is not respecting jenkins-master pod role HOT 5
- casc config reports improper filter value HOT 5
- reading json secrets HOT 2
- Create support for username-password passing without tag value limitations HOT 3
- Support the popular AmazonWebServicesCredentialsBinding credential types HOT 2
- SSH Keys not working with sshagent
- Ability to set STS endpoint
- The plugin does not pick up Jenkins' proxy settings HOT 4
- Content goes to 404 in Jenkins's documentation
- File Credentials stored in AWS cannot be validated HOT 3
- Don't remove credentials during temporary issues HOT 3
- Github app credentials integrations HOT 1
- "Could not list credentials in Secrets Manager" HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aws-secrets-manager-credentials-provider-plugin.