Codefresh Steps: Reusable Code for Common Operations
This page provides code you can use to perform common operations in the Codefresh CI/CD platform.

Fetch secrets from AWS Secrets Manager (aws-secrets-manager)

Fetch secrets and export them to be used in subsequent steps.

arguments

  • AWS_ACCESS_KEY_ID - AWS access key ID. Takes priority over the pod's IAM role if set.
  • AWS_DEFAULT_REGION - AWS region to operate in.
  • AWS_IAM_ROLE_ARN - The ARN of AWS IAM role to assume.
  • AWS_SECRET_ACCESS_KEY - AWS secret access key.
  • secrets - A list of secrets to fetch.

FetchSecrets:
  title: Fetch secrets from AWS Secrets Manager
  type: aws-secrets-manager
  arguments:
    AWS_ACCESS_KEY_ID: '${{AWS_ACCESS_KEY_ID}}'
    AWS_SECRET_ACCESS_KEY: '${{AWS_SECRET_ACCESS_KEY}}'
    AWS_DEFAULT_REGION: a-region-1
    AWS_IAM_ROLE_ARN: 'arn:aws:role/some-role'
    secrets:
      - secret_arn: 'arn:aws:secret-1'
        key: username
        store_in: USERNAME
      - secret_arn: 'arn:aws:secret-1'
        key: password
        store_in: PASSWORD

  
FetchSecrets:
  title: Fetch secrets from AWS Secrets Manager using service account IAM role
  type: aws-secrets-manager
  arguments:
    AWS_DEFAULT_REGION: a-region-1
    secrets:
      - secret_arn: secret-name
        key: username
        store_in: USERNAME
      - secret_arn: secret-name
        key: password
        store_in: PASSWORD

  
github.com
Jesse Antoszyk
Oct 1, 2021