GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → JetBrains → teamcity-hashicorp-vault-plugin

JetBrains / teamcity-hashicorp-vault-plugin

Licence: Apache-2.0 license
TeamCity plugin to support HashiCorp Vault

Programming Languages

java
68154 projects - #9 most used programming language
kotlin
9241 projects

Labels

vaultteamcityhashicorp-vault

Projects that are alternatives of or similar to teamcity-hashicorp-vault-plugin

letsencrypt-to-vault
Renew or get Let's Encrypt certificates and send it to Hashicorp Vault
Stars: ✭ 84 (+265.22%)
Mutual labels:  vault, hashicorp-vault
puppet-vault
Puppet module to manage Vault (https://vaultproject.io)
Stars: ✭ 41 (+78.26%)
Mutual labels:  vault, hashicorp-vault
Goldfish
A HashiCorp Vault UI written with VueJS and Vault native Go API
Stars: ✭ 2,174 (+9352.17%)
Mutual labels:  vault, hashicorp-vault
breakglass
A command line tool to provide login credentials from Hashicorp Vault
Stars: ✭ 33 (+43.48%)
Mutual labels:  vault, hashicorp-vault
vault-consul-swarm
Deploy Vault and Consul with Docker Swarm
Stars: ✭ 20 (-13.04%)
Mutual labels:  vault, hashicorp-vault
gke-vault-demo
This demo builds two GKE Clusters and guides you through using secrets in Vault, using Kubernetes authentication from within a pod to login to Vault, and fetching short-lived Google Service Account credentials on-demand from Vault within a pod.
Stars: ✭ 63 (+173.91%)
Mutual labels:  vault, hashicorp-vault
hookpick
A tool to manage some operational concepts of Hashicorp Vault
Stars: ✭ 83 (+260.87%)
Mutual labels:  vault, hashicorp-vault
k8s-vault-webhook
A k8s vault webhook is a Kubernetes webhook that can inject secrets into Kubernetes resources by connecting to multiple secret managers
Stars: ✭ 107 (+365.22%)
Mutual labels:  vault, hashicorp-vault
vault-token-helper
@hashicorp Vault Token Helper for macOS, Linux and Windows with support for secure token storage and multiple Vault servers 🔐
Stars: ✭ 74 (+221.74%)
Mutual labels:  vault, hashicorp-vault
rundeck-vault-plugin
Development continues here:
Stars: ✭ 17 (-26.09%)
Mutual labels:  vault, hashicorp-vault
pico
A Git-driven task runner built to facilitate GitOps and Infrastructure-as-Code while securely passing secrets to tasks.
Stars: ✭ 51 (+121.74%)
Mutual labels:  vault, hashicorp-vault
vault-puppet
Using @hashicorp Vault with Puppet
Stars: ✭ 36 (+56.52%)
Mutual labels:  vault, hashicorp-vault
vault-converter
Support converting Vault Secrets to diffrent formats.
Stars: ✭ 15 (-34.78%)
Mutual labels:  vault, hashicorp-vault
vault-consul-docker
Vault + Consul + Docker
Stars: ✭ 75 (+226.09%)
Mutual labels:  vault, hashicorp-vault
secrets cli
CLI for storing and reading your secrets via vault
Stars: ✭ 24 (+4.35%)
Mutual labels:  vault, hashicorp-vault
vault-demo
Walkthroughs and scripts for my @hashicorp Vault talks
Stars: ✭ 67 (+191.3%)
Mutual labels:  vault, hashicorp-vault
CI-Report-Converter
The tool converts different error reporting standards for deep compatibility with popular CI systems (TeamCity, IntelliJ IDEA, GitHub Actions, etc).
Stars: ✭ 17 (-26.09%)
Mutual labels:  teamcity
go-fsimpl
Go io/fs.FS filesystem implementations for various URL schemes
Stars: ✭ 225 (+878.26%)
Mutual labels:  vault
certctl
A command line tool able to request certificate generation from Vault to write certificate files to the local filesystem.
Stars: ✭ 13 (-43.48%)
Mutual labels:  vault
vault-ca
Set of scripts to create your own CA using hashicorp Vault
Stars: ✭ 16 (-30.43%)
Mutual labels:  vault
View All Similar Projects ➔

TeamCity Plugin for HashiCorp Vault

official JetBrains project

The plugin allows connecting TeamCity to Vault, requesting new credentials when a build starts, passing them to the build script, and revoking them immediately when the build finishes.

See blog post for details.

Download binaries in Plugin repository.

Configure with AWS IAM auth method

If both your TeamCity and Vault installations run on AWS EC2 instances, it is possible to use AWS IAM Auth method to authenticate to Vault. To enable this authentication method, check AWS IAM Auth method in the connection parameter screen.

It would even work if only TeamCity agents and Vault are on AWS EC2 instances, TeamCity server may be deployed elsewhere. Though in such case 'Test Connection' won't work.

Vault connector

Notes

Server-side token revoke

It's recommended to add folowing policy to approle, so TeamCity server will be able to revoke token even if TeamCity agent fails to do that on finishing build:

path "auth/token/revoke-accessor" {
  capabilities = ["update"]
}
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].