This repository has been archived by the owner on Apr 2, 2024. It is now read-only.

DSE Deployment - Pass credentials gathered through Vault into Podman DSE instance #30

Closed
marcionemec-daitan opened this issue Feb 7, 2024 · 1 comment

@marcionemec-daitan

Issue: Database credentials need to be handled by a secrets engine (Vault) to be injected into the source code of the Data Sync Engine at run time, avoiding data leakage.

Background: Vault access was configured in the Jenkins Cron server, but needs to be implemented in the Jenkins Polaris architecture, using a Podman containerized application.

List of base documentation to implement:

Acceptance Criteria:

1: Sample Dummy code retrieving data from Vault and checking if K/V are expected.
2: Documentation in Confluence Page.

Ticket Reference:

This ticket blocks issue bcgov/nr-spar-data#47, as database credentials are stored in Vault, so Vault access for the Jenkins Polaris execution instance needs to be implemented first.
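
A sketch of the "sample dummy code" acceptance criterion, added here as an illustration and not taken from the repository: it reads a Vault KV v2 secret with a token passed in through the container environment and checks that the expected keys are present without printing their values. The variable names `VAULT_ADDR` and `VAULT_TOKEN`, the mount and path, the key set and the `fake_vault` stand-in are assumptions, and it uses the standard library instead of the `requests` package the commits mention.

```python
import json
import urllib.request

EXPECTED_KEYS = {"host", "port", "username", "password"}  # assumed DB credential keys


def http_get(url, headers):
    """Default transport: HTTPS GET via the standard library (raises on 4xx/5xx)."""
    req = urllib.request.Request(url, headers=headers)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.status, resp.read()


def read_vault_secret(env, mount, path, transport=http_get):
    """Fetch a KV v2 secret using the address and token found in `env`."""
    addr, token = env.get("VAULT_ADDR"), env.get("VAULT_TOKEN")
    if not addr or not token:
        raise RuntimeError("VAULT_ADDR and VAULT_TOKEN must be set in the container")
    if not addr.startswith("https://"):
        raise RuntimeError("refusing to send the Vault token over a non-TLS address")
    url = f"{addr.rstrip('/')}/v1/{mount}/data/{path}"
    status, body = transport(url, {"X-Vault-Token": token})
    if status != 200:
        raise RuntimeError(f"Vault returned HTTP {status} for {mount}/{path}")
    return json.loads(body)["data"]["data"]  # KV v2 nests the payload twice


def check_secret(secret, expected=EXPECTED_KEYS):
    """Report problems by key name only; secret values are never returned."""
    missing = sorted(expected - set(secret))
    empty = sorted(k for k in expected & set(secret) if not secret[k])
    return {"missing": missing, "empty": empty}


def fake_vault(url, headers):
    """Constructed stand-in for Vault so the sample runs offline."""
    if headers.get("X-Vault-Token") != "constructed-token":
        return 403, b'{"errors": ["permission denied"]}'
    payload = {"data": {"data": {"host": "db.example", "port": "1521",
                                 "username": "dse", "password": ""},
                        "metadata": {"version": 1}}}
    return 200, json.dumps(payload).encode()


if __name__ == "__main__":
    demo_env = {"VAULT_ADDR": "https://vault.example", "VAULT_TOKEN": "constructed-token"}
    secret = read_vault_secret(demo_env, "apps", "dse/database", transport=fake_vault)
    print(check_secret(secret))  # key names only, never values
```

Inside the container, pass `os.environ` as `env` and leave `transport` at its default.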

SLDonnelly commented Feb 13, 2024

@marcionemec-daitan you can reach out to Andreas Wilson and Grace Ruan from 1Team for assistance resolving this issue

CC: @macarrig @PMAKIA1

marcionemec-daitan added a commit that referenced this issue Feb 13, 2024
marcionemec-daitan added a commit that referenced this issue Feb 14, 2024
marcionemec-daitan added a commit that referenced this issue Feb 15, 2024
* #27 - Including JenkinsFile for Polaris Jenkins Server

* #27 - Including some changes to test Polaris Features

* #27 Updating agent configuration

* #27 Remove unnecessary python checking

* #27 Including post conditions

* #27 Including 1st test to determine readiness of code

* #27 Fixing missing single quote

* #27 pwd + dir

* #27 Including Docker file for podman build containerization

* #27 Hello World message to guarantee no error message in pipeline, for now.

* #30 Testing Vault Access with Token

* #30 Vtoken credential as environment variable for all stages

* #30 Including requests in the libraries of project

* #30 passing environment arguments to container

* #30 removing JSON from requirements.txt

* #30 Handling env vars

* #30 Bringing secrets inside podman

* #30 Fixing arguments syntax

* #30 fixing typo

* #30 Using Podman polaris library to build container

* #30 removing script podman library exchanging to execute withcredentials

* #30 Fixing credentials getter

* #30 fixing env var names

* #30 fixing env var passthrough pod

* #30 Including Unit Test for env Variables

* #30 fixing indentation

* #30 renaming env var

* #30 renaming env vars

* #30 renaming env jenkins vars

* #30 renaming variables

* #30 removing cred for simple vars

* #30 Quote env vars from jenkins

* #30 Verifying env vars

* #30 fixing env var

* #30 sync vars env

* #30 change env vars to bring req jenkins vars

* #30 Solve Boolean type mismatch

* #30 fixing library os environ access

* #30 fixing unit test function

* #30 vault token compliance unit test
marcionemec-daitan added a commit that referenced this issue Feb 15, 2024
* Adapt data sync engine to run on jenkins (#18)

#5: Adapt Engine to run on Jenkins Cron

* #19 Include Compliance YAML to project to track risks and Privacy Impact Assessment status (#21)

* #13 Include Badge for project Status (#24)

* Feature/27/marcio/jenkins convert to polaris (#28)

* Feature/30/marcio/vault credentials to jenkins polaris (#31)

marcionemec-daitan added a commit that referenced this issue Feb 15, 2024
* Adapt data sync engine to run on jenkins (#18) (#20)

#5: Adapt Engine to run on Jenkins Cron

* Include Compliance YAML (#22)

Include Compliance YAML to project to track risks and Privacy Impact Assessment status (#21)

* Develop (#25)

Added Life Cycle Badge

* Feature/27/marcio/jenkins convert to polaris (#28)

* Develop (#29)

* Feature/30/marcio/vault credentials to jenkins polaris (#31)
