Step1: pull credentials from cyberark vault and add end point details from cloudformation output. (in jenkins)
Step2: Create json with above info. (in jenkins)
Step3: Jenkins job comprising of below steps:
a. move above json to http document root.
b. start apache server with access locally limited.
Step4: Docker file needs to comprise of below actions
a. yum install curl jq
b. curl -s http://some-endpoint/some.json | jq --raw-output '.dev.frontend.password'
Step5: Jenkins "create-docker-image-xyz" to perform below steps:
a. create image based on above docker file.
c. trigger cleanup job:
i. stop apache.
ii. remove json
* We can even encrypt the passwords as well.
Here is the sample json file:
{
"dev" : {
"frontend" : {
"username" : "xyz",
"password" : "somepass"
},
"backend" : {
"username" : "xyz",
"password" : "somepass"
}
},
"stage" : {
"frontend" : {
"username" : "xyz",
"password" : "somepass"
},
"backend" : {
"username" : "xyz",
"password" : "somepass"
},
"worker" : {
"username" : "xyz",
"password" : "somepass"
}
},
"prod" : {
"frontend" : {
"username" : "xyz",
"password" : "somepass"
},
"backend" : {
"username" : "xyz",
"password" : "somepass"
}
}
}
No comments:
Post a Comment