diff --git a/jenkins_jobs/modules/wrappers.py b/jenkins_jobs/modules/wrappers.py
index 9a2a01c83..6a73d95cf 100644
--- a/jenkins_jobs/modules/wrappers.py
+++ b/jenkins_jobs/modules/wrappers.py
@@ -1289,11 +1289,16 @@ def vault_secrets(registry, xml_parent, data):
:arg str vault-url: Vault URL
:arg str credentials-id: Vault Credential
+ :arg str engine-version: Vault K/V Engine version
+ :arg bool fail-if-not-found: Fail if the secret path is not found
+ :arg bool skip-ssl-verification: Skip verification of SSL certs
:arg list secrets: List of secrets
:secrets:
* **secret-path** (`str`) --
The path of the secret in the vault server
+ * **engine-version** (`str`) --
+ Vault K/V Engine version
:secret-values:
* **secret-values** (`list`) -- List of key / value pairs
@@ -1321,12 +1326,18 @@ def vault_secrets(registry, xml_parent, data):
conf_mapping = [
("vault-url", "vaultUrl", ""),
("credentials-id", "vaultCredentialId", ""),
+ ("engine-version", "engineVersion", "1"),
+ ("fail-if-not-found", "failIfNotFound", "true"),
+ ("skip-ssl-verification", "skipSslVerification", "false"),
]
helpers.convert_mapping_to_xml(
configuration, data, conf_mapping, fail_required=True
)
- secret_obj_mapping = [("secret-path", "path", "")]
+ secret_obj_mapping = [
+ ("secret-path", "path", ""),
+ ("engine-version", "engineVersion", "1"),
+ ]
secret_value_mapping = [("env-var", "envVar", ""), ("vault-key", "vaultKey", "")]
secretsobj = XML.SubElement(vault, "vaultSecrets")
secrets = data.get("secrets", [])
diff --git a/tests/wrappers/fixtures/vault-full.xml b/tests/wrappers/fixtures/vault-full.xml
index cc17b80d7..9829d6880 100644
--- a/tests/wrappers/fixtures/vault-full.xml
+++ b/tests/wrappers/fixtures/vault-full.xml
@@ -5,10 +5,14 @@
http://127.0.0.1:8200
myCredentials
+ 2
+ false
+ true
secret/my-secret
+ 1
USERNAME
@@ -22,6 +26,7 @@
secret/my-secret2
+ 2
USERNAME2
diff --git a/tests/wrappers/fixtures/vault-full.yaml b/tests/wrappers/fixtures/vault-full.yaml
index 74d6960de..082f96eb9 100644
--- a/tests/wrappers/fixtures/vault-full.yaml
+++ b/tests/wrappers/fixtures/vault-full.yaml
@@ -2,6 +2,9 @@ wrappers:
- vault-secrets:
vault-url: 'http://127.0.0.1:8200'
credentials-id: 'myCredentials'
+ fail-if-not-found: 'false'
+ skip-ssl-verification: 'true'
+ engine-version: '2'
secrets:
- secret-path: 'secret/my-secret'
secret-values:
@@ -10,6 +13,7 @@ wrappers:
- env-var: 'PASSWORD'
vault-key: 'password'
- secret-path: 'secret/my-secret2'
+ engine-version: '2'
secret-values:
- env-var: 'USERNAME2'
vault-key: 'username2'
diff --git a/tests/wrappers/fixtures/vault-minimal.xml b/tests/wrappers/fixtures/vault-minimal.xml
index 2b69a861f..7079d2f4e 100644
--- a/tests/wrappers/fixtures/vault-minimal.xml
+++ b/tests/wrappers/fixtures/vault-minimal.xml
@@ -5,10 +5,14 @@
http://127.0.0.1:8200
myCredentials
+ 1
+ true
+ false
secret/my-token
+ 1
TOKEN