Hapi secrets plugin for the Screwdriver API
const Hapi = require('@hapi/hapi');
const server = new Hapi.Server();
const secretsPlugin = require('./');
server.connection({ port: 3000 });
server.register({
register: secretsPlugin,
options: {}
}, () => {
server.start((err) => {
if (err) {
throw err;
}
console.log('Server running at:', server.info.uri);
});
});Get requires write permission to the repository.
Create, Remove and Update require admin permission to the repository.
GET /secrets/{id}
POST /secrets
Arguments
pipelineId- Pipeline that this secret belongs to.name- Name of the secret. The name should match the pattern/^[A-Z_][A-Z0-9_]*$/.value- Value of the secret.allowInPR- Flag to denote if this secret can be shown in PR builds.
Example payload:
{
"pipelineId": "d398fb192747c9a0124e9e5b4e6e8e841cf8c71c",
"name": "NPM_TOKEN",
"value": "batman",
"allowInPR": true
}DELETE /secrets/{id}
PUT /secrets/{id}
Arguments
Only value and allowInPR can be updated.
value- Value of the secret.allowInPR- Flag to denote if this secret can be shown in PR builds.
Example payload:
{
"value": "batman",
"allowInPR": true
}The server supplies factories to plugins in the form of server settings:
// handler secretPlugin.js
handler: async (request, h) => {
const factory = request.server.app.secretFactory;
// ...
}