Secret Management for Delivery Workflows
Last updated
Ozone ships with an in-built Vault that manages all provider secrets and variables and securely injects them into the CI/CD context when pipelines are executed. These variables can be pre-defined in the Variables section, or they can be defined when a provider is being integrated.
When a pipeline or a release run is triggered, these variables are fetched from the in-built vault and supplied into Kubernetes Secrets for the pipeline pods to consume. The following diagram shows a concise view of how the secrets from Ozone are injected into the context of a CI/CD pipeline.
The diagram below presents a summary of how Ozone handles secrets within the pipeline workflows.
Any secrets that are required by the CI/CD workflows can be scoped as variables which can have one value per environment, or a global value across all environments.
Secret Management is enabled by default for all CI/CD workflows in Ozone.