Secret Management for Delivery Workflows
Ozone ships with in-built secure storage that manages all provider secrets and variables and securely injects them into the CI/CD context when pipelines are executed. These variables can be pre-defined in the Variables section, or they can be defined when a provider is being integrated.
When a pipeline or a release run is triggered, these variables are fetched from the in-built secrets storage and supplied as Kubernetes Secrets for the pipeline pods to consume. The following diagram shows a concise view of how the secrets from Ozone are injected into the context of a CI/CD pipeline.
[Diagram: summary of how Ozone handles secrets within the pipeline workflows]
Any secrets that are required by the CI/CD workflows can be scoped as variables which can have one value per environment, or a global value across all environments.
Secret Management is enabled by default for all CI/CD workflows in Ozone.