Demo

Injecting HashiCorp Vault Static Secrets into a CircleCI Pipeline

Watch this live stream replay on how to inject static secrets into a CircleCI pipeline with HashiCorp Vault.

Speakers

  • Rosemary Wang
    Rosemary WangDeveloper Advocate, HashiCorp
  • Angel Rivera
    Angel RiveraDeveloper Advocate, CircleCI

How can HashiCorp Vault inject static secrets into a CircleCI pipeline? Watch this replay from the HashiCorp Live stream to learn how to securely inject static secrets into your CircleCI pipeline. Rosemary Wang (Developer Advocate, HashiCorp) and Angel Rivera (Developer Advocate, CircleCI) teach each other about HashiCorp Vault and CircleCI while attempting to configure an example pipeline to use Vault to retrieve Docker Hub credentials and push to a container image repository.

Subscribe to the HashiCorp Live Twitch channel to watch future live streams!

Outline

3:35 — Start of Video

5:57 — Introduction to Objectives

13:00 — Introduction to CircleCI

30:00 — Introduction to HashiCorp Vault

43:35 — Explanation of Vault AppRole

57:00 — Implementation of Secure Introduction of Vault Client

1:06:30 — Implementation of Vault Agent

1:41:00 — Fix Vault Policy to Allow Access to Secrets

1:54:00 — Fix Vault Agent template to write out Docker Hub username and password

2:02:00 — Working CircleCI pipeline with static secrets injection and image in Docker Hub

More resources like this one

Vault identity diagram
  • 12/28/2023
  • FAQ

Why should we use identity-based or "identity-first" security as we adopt cloud infrastructure?

  • 3/14/2023
  • Article

5 best practices for secrets management

  • 2/3/2023
  • Case Study

Automating Multi-Cloud, Multi-Region Vault for Teams and Landing Zones

  • 1/20/2023
  • Case Study

Adopting GitOps and the Cloud in a Regulated Industry