0

I'm struggling on doing Jenkins CI/CD pipelines for an Open Source project which has a set of confidential .properties files.

The .properties files are necessary for maintainability in a Spring boot project, and some of the .properties files are confidential, and so must not be disclosed in the open sourced code-base.

For each confidential .properties we provide an example .properties in the open source.

The question is, how do you smoothly (i.e. automize) incorporate the confidential .properties or files in the Jenkins CI/CD pipelines, and have a great version controllability using git over those files? So that those confidential .properties can effect durring every CI/CD phase and so in the production.

This seems to be a hard-to-automize challenge, any comments, suggestions or experiences are appreciated!

What I've tried

Git secret

This is a great solution but it doesn't support Windows, so I can't go with it. (Every alternative to git-secret I've found also doesn't support cross-platform.

4

1 回答 1

1

有一个名为Config File Provider Plugin的插件对我来说是个救命稻草。它能够将整个配置文件替换为存储在 JK 中的配置文件,或者只是 XML、Json 等中的令牌。

在管道中,当您想要替换整个文件时,它看起来像这样:

 stage('Add Config files') {
        steps {
            configFileProvider([configFile(fileId: 'IDOfTheFileStoredInJenkins', targetLocation: pathToMyFileRelativeToWorkspace/myPropertiesFile')]) {
            // some block, maybe a nice log message
            }
}
}

类似 的线程

于 2020-06-02T07:47:00.500 回答