Setup

To set up the integration between Jenkins and Secret Server, you must perform the following tasks:

Installing the Delinea Secret Server Plugin in Jenkins

You must install the Delinea Secret Server plugin in Jenkins. This plugin allows you to access and reference your Secret Server secrets for use in Jenkins builds.

To install the latest version of the Delinea Secret Server plugin:

  1. In Jenkins, navigate to Dashboard > Manage Jenkins > Plugins.

  2. Under Plugins on the left side, select Available Plugins.

  3. In the search box at the top of the page, enter Delinea Secret Server and select the magnifying glass icon to search.

  4. Select the checkbox next to the Delinea Secret Server plugin in the search results and select Install in the upper-right corner to install the plugin.

    The Download progress page shows the progress of the installation.

  5. When the installation is complete, select the Restart Jenkins when installation is complete and no jobs are running checkbox.

  6. When Jenkins restarts, log in to Jenkins.

  7. Under Plugins, select Installed Plugins to see the installed Delinea Secret Server plugin.

    The Delinea Secret Server plugin is enabled by default.

    If you don't see the Delinea Secret Server plugin on the list of installed plugins, search for it.

Creating an Application Account in Secret Server

The Delinea Secret Server plugin requires an application account in Secret Server to connect to your Secret Server instance and fetch secrets for use in Jenkins. The application account must have a role with the View Secret and View Launcher Password permissions. This section describes how to create the application account, create a role with those permissions, and assign the role to the account.

To create an application account and assign it a role with the View Secret and View Launcher Password permissions:

  1. Log in to Secret Server with admin credentials.

  2. Navigate to Access > Users and select Create User.

  3. In the Add User window, enter the required details, select Application Account, and then select Add User.

  4. Go to Access > Roles and select Create Role to create a role for the application account that you created.

  5. Enter the Role Name, select the View Launcher Password and View Secret permissions, and then select Save.

  6. Return to Access > Users, select the created application account, and go to the Roles tab.

  7. Select Edit, assign the created role, and select Save.

Creating a Secret in Secret Server

Make sure that you have the required View permissions for the secrets that you need to access through Jenkins.

If you want to fetch secrets from Secret Server through a credential resolver configuration in Jenkins, note that the Delinea Secret Server plugin fetches only the values of the standard Username and Password fields or equivalent custom fields (for example, client ID and client secret fields) from a secret. Therefore, make sure that the secret template of the secret you want to fetch from Secret Server includes the Username and Password fields or equivalent custom fields.

If you want to fetch secrets from Secret Server through a Jenkins pipeline, you can use any secret template.

To create a secret in Secret Server:

  1. Log in to Secret Server.

  2. Complete the steps in Creating Secrets in the Secret Server documentation.

  3. Go to the Security tab for the secret and make sure that the Hide launcher password setting under Other security is set to No.

  4. Go to the Sharing tab for the secret, select Add, and add the application account that you created.

  5. Make a note of the secret ID in the secret's URL at the top, as shown.

  6. To create additional secrets, repeat steps 2–3.