Integrate with Jenkins

the kron pam secret plugin makes secrets that are stored in kron pam aapm securely available to jenkins jobs jenkins jobs can authenticate to the aapm account and access the specific secret values this plugin offers advantages to both kron pam and jenkins users the kron pam secret plugin stores secret values securely and prevents secrets from being exposed in jenkins jobs it also provides flexibility with the support of jenkins script projects as well as global configurations with this plugin, jenkins job is simplified by requiring only a url or reference id to a secret, and the configuration is made easy for jenkins users with a familiar user interface installing jenkins prerequisites you must have a fully functioning kron pam aapm configured you must have a fully functioning jenkins host configured and running to obtain the hpi file and upload it using the jenkins ui download the singleconnectsecretplugin hpi file to your computer when you have the hpi file, log into jenkins as an administrator navigate to dashboard > manage jenkins > manage plugins > advanced tab in the upload plugin section, browse for singleconnectsecretplugin hpi and upload it to jenkins after installing the plugin, restart jenkins navigate to dashboard > manage jenkins > manage plugins > installed tab make sure your plugin is listed under the installed plugins before continuing with the configuration configuring jenkins adding credential the first configuration requirement for jenkins is to add the credential navigate to dashboard > manage jenkins > manage credentials > credentials > system > global credentials (unrestricted) click on jenkinsstore and it will direct you to system > global credentials (unrestricted) > add credentials defining the secret the second configuration requirement for jenkins is to store the credentials to connect to an aapm account the secrets that you want to obtain to connect to the aapm account must be defined explicitly select the credential kind from the drop down as kron pam credential select the scope as global (jenkins, nodes, items, all child items, etc ) enter the url for your localhost to define secrets https //\[local host]/sc aapm ui/rest/aapm/password enter data as follows {"token" " 9d0e79b4 5fb5 4836 824b 13d9d2cc909f","tenantid" "host", "comment" "abc", "passwordchangerequired" "false", "passwordexpirationinminute" "5"} enter id type as aapm secret 2 click save to save and store the aapm secret through jenkins ui usage first, create a project of your choice in this example, a freestyle project is selected then, navigate to dashboard > project name (test project 2) and click on the down arrow to select configure you will be directed to the configuration page; from there, navigate to the build environment tab to bind to the aapm secret, select use secret text(s) or file(s) navigate to the bindings tab or scroll down to the bindings section and click add select kron pam secret credential and the following will be selected automatically for you variable as singleconnect secret specific credential as kron pam credential aapm secret 2 (optional) you can add more than one credential if needed by using the add button once specific credentials are selected by adding the credential, you injected the secret as an environment variable to the build step of the project navigate to the build tab, click add build step and select a build step in the following example, we used execute shell run the command below (with your own naming conventions) to access the account using the secret variable you bound \#!/bin/bash click to finish the project configurations you successfully integrated jenkins with kron pam aapm check if you see the logs under sapm logs