TeamCity Kotlin DSL/jetbrains.buildServer.configs.kotlin.projectFeatures/HashiCorpVaultConnection

HashiCorpVaultConnection

open class HashiCorpVaultConnection : ProjectFeature

fun ProjectFeatures.hashiCorpVaultConnection(init: HashiCorpVaultConnection.() -> Unit): HashiCorpVaultConnection

Stores information and configuration for the access to a HashiCorp Vault.

Example. Adds a new Connection that allows TeamCity to connect to a HashiCorpVault using AppRole

project {
    // Other Project settings ...
    features {
        // Other Project Features ...
        hashiCorpVaultConnection {
            id = "PROJECT_ID"
            name = "HashiCorp Vault"
            authMethod = appRole {
              endpointPath = "approle"
              roleId = "id"
              secretId = "credentialsJSON:ee2362ab-33fb-40bd-b49b-e77c4a45e978"
          }
        }
Content copied to clipboard
    }
}

Example. Adds a new Connection that allows TeamCity to connect to a HashiCorpVault using AppRole. It defines it own parameter namespace and a respective vault namespace.

project {
    // Other Project settings ...
    features {
        // Other Project Features ...
        hashiCorpVaultConnection {
            id = "PROJECT_ID"
            name = "HashiCorp Vault"
            vaultId = "other-namespace"
            vaultNamespace = "other"
            authMethod = appRole {
              endpointPath = "approle"
              roleId = "id"
              secretId = "credentialsJSON:ee2362ab-33fb-40bd-b49b-e77c4a45e978"
          }
        }
Content copied to clipboard
    }
}

Example. Adds a new Connection that allows TeamCity to connect to a HashiCorpVault using LDAP

project {
    // Other Project settings ...
    features {
        // Other Project Features ...
        hashiCorpVaultConnection {
            id = "PROJECT_ID"
            name = "HashiCorp Vault"
            authMethod = ldap {
              path = "path"
              username = "username"
              password = "credentialsJSON:636e34b4-d02e-4f27-9d12-141f75e8832b"
            }
        }
Content copied to clipboard
    }
}

Example. Adds a new Connection that allows TeamCity to connect to a HashiCorpVault using GCP IAM, relying on default GCP credentials and the default Vault path

project {
    // Other Project settings ...
    features {
        // Other Project Features ...
        hashiCorpVaultConnection {
            id = "PROJECT_ID"
            name = "HashiCorp Vault"
            authMethod = gcpIam {
              gcpVaultRole = "role"
            }
        }
Content copied to clipboard
    }
}

Example. Adds a new Connection that allows TeamCity to connect to a HashiCorpVault using GCP IAM, using a service account and a custom mount path

project {
    // Other Project settings ...
    features {
        // Other Project Features ...
        hashiCorpVaultConnection {
            id = "PROJECT_ID"
            name = "HashiCorp Vault"
            authMethod = gcpIam {
              gcpVaultRole = "role"
              gcpServiceAccount = "gcpSericeAccount"
              gcpEndpointPath = "customVaultMountPath"
            }
        }
Content copied to clipboard
    }
}

Constructors

HashiCorpVaultConnection

constructor(init: HashiCorpVaultConnection.() -> Unit)

constructor()

Types

AuthMethod

sealed class AuthMethod : CompoundParam<HashiCorpVaultConnection.AuthMethod>

Properties

authMethod

var authMethod: HashiCorpVaultConnection.AuthMethod?

The way how to obtain credentials (just provide the keys, assume IAM role or other)

failOnError

var failOnError: Boolean?

Whether to fail builds in case of parameter resolving error

var id: String?

Project feature id, if not specified will be generated

name

var name: String?

HashiCorp Vault connection display name

namespace

var ~~namespace~~: String?

Vault ID. Should be provided in case of multiple vault connections

params

val params: List<Parameter>

type

var type: String

Project feature type

url

var url: String?

Vault URL

vaultId

var vaultId: String?

Vault ID. Should be provided in case of multiple vault connections

vaultNamespace

var vaultNamespace: String?

HashiCorp Vault namespace that the auth method and secrets engines are housed under.

Functions

appRole

fun appRole(init: HashiCorpVaultConnection.AuthMethod.AppRole.() -> Unit = {}): HashiCorpVaultConnection.AuthMethod.AppRole

booleanParameter

fun booleanParameter(customName: String? = null, trueValue: String? = "true", falseValue: String? = "false"): DelegateProvider<Boolean?>

clear

fun clear()

compoundParameter

fun <T : CompoundParam<T>> compoundParameter(customName: String? = null): DelegateProvider<T>

copyParamsTo

fun <T : Parametrized> copyParamsTo(target: T): T

Copies parameters of this object to the specified target

create

open fun create(): ProjectFeature

Creates an instance of this project feature via reflection using a no argument constructor, used during copying. Throws an error if this class doesn't have a default constructor. Subclasses can override it to create an instance without using a default constructor.

doubleParameter