How can I access Shared Credentials from Bamboo plan Shell Script Taks?
I have added a private RSA key in Shared Credentials. I know I can use it to configure access to repositories or even in SCP plugin task.
But how can I access this key in a shell script task?
Is there a way to do that, e.g. via global variable?
In my case I have to do various things via SSH, like port tunneling, rsync via SSH and so on.
So I have to run scripts like
ssh -i id_rsa_private_key SOME COMMAND HERE
And I want to be able to pick up this id_rsa_private_key from Shared Credentials via plan or global variable.
Unfortunately, Bamboo does not have a variable to get Shared Credentials set up on your Bamboo. Instead, what you can do is create system vaviables which can be used in all fields of a Task, with the exception of password variables. Variables can also be used with deployments.
At this point you might have a variable called JAVA_HOME set up in your environment variables. If you want to access it in Bamboo, you can use the following command:
Based on the example above, you could set up a variable to hold your SSH KEY or the command you have described in your comment description and call it in within Bamboo.
Yes, I could just plant the key on Bamboo system and then access it via environment variable. The problem is that we have around 10 Bamboo agents, all of them being a cloud instance. Those are managed by a separate team, and are refreshed every 2 weeks or so, that means the keys would be removed too and I would have to go through it with dev support guys to see if it's even possible to have a persistent key on all agents. Probably it's possible, but I was looking for a "Bamboo-way" only, as if I have no knowledge at all which agent will pick up the build, what's the agents OS and so on.
I tried to set the key as a plan variable, but the key is too long and exceeds maximul length.
So I ended up storing the key in the repositories of the projects that use it.
Not the ideal solution, but we're hosting Stash ourselves, the access to it is completely secure, that means the key is secured as well.
We install private keys used for this purpose on our instances via Bamboo instance configuration. In the instance startup script we add a method to dump the key to a file on the instance. This is then used during the build flow. It would be better to have access to the shared credentials in Bamboo ... maybe in the future they'll add this?? :)
I'm John Allspaw, co-founder of Adaptive Capacity Labs, where we help teams use their incidents to learn and improve. We bring research-driven methods and approaches to drive effective inciden...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs