DEV Community

Discussion on: Ephemeral Jenkins Users + API Tokens using Hashicorp Vault

Caleb Lemoine • Edited

Hey @alexcfpho !

My coworkers actually created a Vault plugin for GitLab CI: github.com/splunk/vault-plugin-sec...

The flow for usage with this plugin is actually outside of Jenkins pipelines. These are the 2 flows/use cases I built this for:

Jenkins Users:

  1. If no external auth system such as SAML/LDAP/Active Directory etc. is being used, Jenkins admins/platform team create Vault policies to allow consuming teams to create Jenkins users to run Jenkins jobs/communicate with the API.
  2. Dev team has automation to renew/create short-lived users for their consumption of Jenkins.

Jenkins API Tokens:

  1. External provider such as SAML/LDAP/Active Directory is used frequently and rate limits occur due to high Jenkins usage.
  2. Jenkins consumers with their service account can then use Vault to create short-lived API tokens for said service account user, which will not call the external provider frequently and will avoid rate limits.
 
Caleb Lemoine

@alexcfp would you mind linking me the newsletter you saw? I wasn't aware of it.