github.com/ouraigua/jenkins-library@v0.0.0-20231028010029-fbeaf2f3aa9b/resources/metadata/vaultRotateSecretId.yaml (about) 1 metadata: 2 name: vaultRotateSecretId 3 description: Rotate Vault AppRole Secret ID 4 longDescription: This step takes the given Vault secret ID and checks whether it needs to be renewed and if so it will update the secret ID in the configured secret store. 5 spec: 6 inputs: 7 params: 8 - name: secretStore 9 type: string 10 description: "The store to which the secret should be written back to" 11 scope: 12 - PARAMETERS 13 - STAGES 14 - STEPS 15 default: "jenkins" 16 possibleValues: 17 - jenkins 18 - ado 19 - github 20 - name: jenkinsUrl 21 type: string 22 description: "The jenkins url" 23 scope: 24 - PARAMETERS 25 - STAGES 26 - STEPS 27 secret: true 28 resourceRef: 29 - type: vaultSecret 30 name: jenkinsVaultSecretName 31 default: jenkins 32 aliases: 33 - name: url 34 - name: jenkinsCredentialDomain 35 type: string 36 description: The jenkins credential domain which should be used 37 scope: 38 - PARAMETERS 39 - STAGES 40 - STEPS 41 default: "_" 42 - name: jenkinsUsername 43 type: string 44 description: "The jenkins username" 45 scope: 46 - PARAMETERS 47 - STAGES 48 - STEPS 49 secret: true 50 aliases: 51 - name: userId 52 resourceRef: 53 - type: vaultSecret 54 name: jenkinsVaultSecretName 55 default: jenkins 56 - name: jenkinsToken 57 type: string 58 description: "The jenkins token" 59 scope: 60 - PARAMETERS 61 - STAGES 62 - STEPS 63 secret: true 64 aliases: 65 - name: token 66 resourceRef: 67 - type: vaultSecret 68 name: jenkinsVaultSecretName 69 default: jenkins 70 - name: vaultAppRoleSecretTokenCredentialsId 71 type: string 72 description: The Jenkins credential ID, Azure DevOps variable name, or GitHub Actions secret name for the Vault AppRole Secret ID credential 73 scope: 74 - GENERAL 75 - PARAMETERS 76 - STAGES 77 - STEPS 78 mandatory: true 79 - name: vaultServerUrl 80 type: string 81 scope: 82 - GENERAL 83 - PARAMETERS 84 - STAGES 85 - STEPS 86 description: The URL for the Vault server to use 87 mandatory: true 88 - name: vaultNamespace 89 type: string 90 scope: 91 - GENERAL 92 - PARAMETERS 93 - STAGES 94 - STEPS 95 description: The Vault namespace that should be used (optional) 96 - name: daysBeforeExpiry 97 type: int 98 description: The amount of days before expiry until the secret ID gets rotated 99 scope: 100 - PARAMETERS 101 - STAGES 102 - STEPS 103 default: 15 104 - name: adoOrganization 105 type: string 106 scope: 107 - GENERAL 108 - PARAMETERS 109 - STAGES 110 - STEPS 111 description: The Azure DevOps organization name 112 - name: adoPersonalAccessToken 113 aliases: 114 - name: token 115 type: string 116 scope: 117 - PARAMETERS 118 - STAGES 119 - STEPS 120 description: The Azure DevOps personal access token 121 secret: true 122 mandatoryIf: 123 - name: secretStore 124 value: ado 125 resourceRef: 126 - type: vaultSecret 127 name: azureDevOpsVaultSecretName 128 default: azure-dev-ops 129 - name: adoProject 130 type: string 131 scope: 132 - PARAMETERS 133 - STAGES 134 - STEPS 135 description: The Azure DevOps project ID. Project name also can be used 136 - name: adoPipelineId 137 type: int 138 scope: 139 - PARAMETERS 140 - STAGES 141 - STEPS 142 description: The Azure DevOps pipeline ID. Also called as definition ID 143 - name: githubToken 144 aliases: 145 - name: access_token 146 - name: token 147 type: string 148 scope: 149 - GENERAL 150 - PARAMETERS 151 - STAGES 152 - STEPS 153 description: "GitHub personal access token as per 154 https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line 155 with the scope 'repo'" 156 secret: true 157 mandatoryIf: 158 - name: secretStore 159 value: github 160 resourceRef: 161 - type: vaultSecret 162 default: github 163 name: githubVaultSecretName 164 - name: githubApiUrl 165 description: Set the GitHub API URL that corresponds to the pipeline repository 166 scope: 167 - GENERAL 168 - PARAMETERS 169 - STAGES 170 - STEPS 171 type: string 172 default: "https://api.github.com" 173 - name: owner 174 description: Owner of the pipeline GitHub repository 175 resourceRef: 176 - name: commonPipelineEnvironment 177 param: github/owner 178 scope: 179 - GENERAL 180 - PARAMETERS 181 - STAGES 182 - STEPS 183 type: string 184 - name: repository 185 description: Name of the pipeline GitHub repository 186 resourceRef: 187 - name: commonPipelineEnvironment 188 param: github/repository 189 scope: 190 - GENERAL 191 - PARAMETERS 192 - STAGES 193 - STEPS 194 type: string