Jenkins Integration

Jenkins is an open source automation server that automates building, testing, and deploying software. Use the Bitwarden Secrets Manager CLI to inject secrets into Jenkins CI/CD Pipelines.

To get started, create a token that will be used to authenticate with the Bitwarden Secrets Manager and retrieve secrets. To save an access token as a Jenkins credential:

1. In Jenkins, navigate to the Settings  → Credentials page.
   

   

2. Select the desired credential store.

3. Select Add Credentials.

4. Click the Kind drop down menu and select Secret text.

5. Give the credential an appropriate name. Next, we will prepare the bitwarden-access-token.

6. In a new tab, open the Secrets Manager web app and create an access token.
   

   

7. Return to Jenkins and paste the newly-created access token into the Secret field.

8. Once complete, select Create.

Next, a Jenkins Pipeline needs to be created. The following section features an example Pipeline.

1. Create a new Jenkins Pipeline by selecting New Item on the left-hand navigation.

2. Enter a name for the new item. Next, select the Pipeline item type and then OK when complete.
   

   

3. On the following screen, configure your desired settings and triggers. In the Pipeline section, include the following contents:

JavaCopy
 pipeline {
    agent any

    stages {
        stage('Build Rust Project with Secrets from Bitwarden') {
            steps {
                withCredentials([string(credentialsId: 'bitwarden-access-token',
                                         variable: 'BWS_ACCESS_TOKEN')]) {
                sh '''
                export PATH=$PATH:/usr/local/bin # ensure bws is in PATH
                bws run -- <command needing secrets here>
                '''
                                         }
            }
        }
    }
}

On the left, select Build Now → Pipelines and select Run Pipeline located on the top-right of the page. Select Run Pipeline on the page to run the newly-created Pipeline.