Secret Management for Delivery Workflows

Overview

Ozone ships with an in-built Vault that manages all provider secrets and variables and securely injects them into the CI/CD context when pipelines are executed. These variables can be pre-defined in the Variables section, or they can be defined when a provider is integrated.

When a pipeline or a release run is triggered, these variables are fetched from the in-built vault and supplied to Kubernetes Secrets to be consumed by the pipeline pods. The following diagram shows a concise view of how the secrets from Ozone are injected into the context of a CI/CD pipeline.

Secret Management Workflow

The diagram below presents a summary of how Ozone handles secrets within the pipeline workflows.

Any secrets that are required by the CI/CD workflows can be scoped as variables, which can have either one value per environment or a global value across all environments.

Secret Management is enabled by default for all CI/CD workflows in Ozone.
