{"id":2052,"date":"2024-01-21T14:46:16","date_gmt":"2024-01-21T12:46:16","guid":{"rendered":"http:\/\/192.168.1.213:8088\/?p=2052"},"modified":"2024-04-20T17:48:05","modified_gmt":"2024-04-20T15:48:05","slug":"onprem-gitlab-ce-and-hashicorp-vault-pipeline-integration","status":"publish","type":"post","link":"http:\/\/192.168.1.213:8088\/onprem-gitlab-ce-and-hashicorp-vault-pipeline-integration\/","title":{"rendered":"Vault Meets GitLab-CE: A guide for successful pipeline integration"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"2052\" class=\"elementor elementor-2052\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-a2cdd03 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"a2cdd03\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-943b7ef\" data-id=\"943b7ef\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3e2c501 elementor-toc--minimized-on-tablet elementor-widget elementor-widget-table-of-contents\" data-id=\"3e2c501\" data-element_type=\"widget\" data-settings=\"{&quot;headings_by_tags&quot;:[&quot;h5&quot;,&quot;h6&quot;],&quot;exclude_headings_by_selector&quot;:[],&quot;marker_view&quot;:&quot;bullets&quot;,&quot;icon&quot;:{&quot;value&quot;:&quot;fas fa-circle&quot;,&quot;library&quot;:&quot;fa-solid&quot;},&quot;minimize_box&quot;:&quot;yes&quot;,&quot;minimized_on&quot;:&quot;tablet&quot;,&quot;hierarchical_view&quot;:&quot;yes&quot;,&quot;min_height&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;min_height_tablet&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;min_height_mobile&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]}}\" data-widget_type=\"table-of-contents.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor-pro - v3.21.0 - 30-04-2024 *\/\n.elementor-widget-table-of-contents .elementor-toc__header-title{color:var(--header-color)}.elementor-widget-table-of-contents.elementor-toc--collapsed .elementor-toc__toggle-button--collapse,.elementor-widget-table-of-contents:not(.elementor-toc--collapsed) .elementor-toc__toggle-button--expand{display:none}.elementor-widget-table-of-contents .elementor-widget-container{min-height:var(--box-min-height);border:var(--box-border-width,1px) solid var(--box-border-color,#9da5ae);border-radius:var(--box-border-radius,3px);background-color:var(--box-background-color);transition:min-height .4s;overflow:hidden}.elementor-toc__header{display:flex;align-items:center;justify-content:space-between;padding:var(--box-padding,20px);background-color:var(--header-background-color);border-bottom:var(--separator-width,1px) solid var(--box-border-color,#9da5ae)}.elementor-toc__header-title{font-size:18px;margin:0;color:var(--header-color);flex-grow:1}.elementor-toc__toggle-button{cursor:pointer;display:inline-flex}.elementor-toc__toggle-button i{color:var(--toggle-button-color)}.elementor-toc__toggle-button svg{height:1em;width:1em;fill:var(--toggle-button-color)}.elementor-toc__spinner-container{text-align:center}.elementor-toc__spinner{font-size:2em}.elementor-toc__spinner.e-font-icon-svg{height:1em;width:1em}.elementor-toc__body{padding:var(--box-padding,20px);max-height:var(--toc-body-max-height);overflow-y:auto}.elementor-toc__body::-webkit-scrollbar{width:7px}.elementor-toc__body::-webkit-scrollbar-thumb{background-color:#babfc5;border-radius:10px}.elementor-toc__list-wrapper{list-style:none;padding:0}.elementor-toc__list-item{margin-bottom:.5em}.elementor-toc__list-item.elementor-item-active{font-weight:700}.elementor-toc__list-item .elementor-toc__list-wrapper{margin-top:.5em;margin-inline-start:var(--nested-list-indent,1em)}.elementor-toc__list-item-text{transition-duration:var(--item-text-transition-duration)}.elementor-toc__list-item-text:hover{color:var(--item-text-hover-color);-webkit-text-decoration:var(--item-text-hover-decoration);text-decoration:var(--item-text-hover-decoration)}.elementor-toc__list-item-text.elementor-item-active{color:var(--item-text-active-color);-webkit-text-decoration:var(--item-text-active-decoration);text-decoration:var(--item-text-active-decoration)}.elementor-toc__list-item-text-wrapper{display:flex;align-items:center}.elementor-toc__list-item-text-wrapper:before,.elementor-toc__list-item-text-wrapper i{margin-inline-end:8px;color:var(--marker-color)}.elementor-toc__list-item-text-wrapper svg{margin-inline-end:8px;fill:var(--marker-color);height:var(--marker-size,.5em);width:var(--marker-size,.5em)}.elementor-toc__list-item-text-wrapper i{font-size:var(--marker-size,.5em)}.elementor-toc__list-item-text-wrapper:before{font-size:var(--marker-size,1em)}.elementor-toc--content-ellipsis .elementor-toc__list-item-text{white-space:nowrap;overflow:hidden;text-overflow:ellipsis}.elementor-toc__list-items--collapsible>.elementor-toc__list-wrapper>.elementor-toc__list-item>.elementor-toc__list-wrapper{display:none}.elementor-toc__heading-anchor{position:absolute}.elementor-toc__body .elementor-toc__list-item-text{color:var(--item-text-color);-webkit-text-decoration:var(--item-text-decoration);text-decoration:var(--item-text-decoration);transition-duration:var(--item-text-transition-duration)}.elementor-toc__body .elementor-toc__list-item-text:hover{color:var(--item-text-hover-color);-webkit-text-decoration:var(--item-text-hover-decoration);text-decoration:var(--item-text-hover-decoration)}.elementor-toc__body .elementor-toc__list-item-text.elementor-item-active{color:var(--item-text-active-color);-webkit-text-decoration:var(--item-text-active-decoration);text-decoration:var(--item-text-active-decoration)}ol.elementor-toc__list-wrapper{counter-reset:item}ol.elementor-toc__list-wrapper .elementor-toc__list-item{counter-increment:item}ol.elementor-toc__list-wrapper .elementor-toc__list-item-text-wrapper:before{content:counters(item,\".\") \". \"}<\/style>\t\t<div class=\"elementor-toc__header\">\n\t\t\t<h4 class=\"elementor-toc__header-title\">\n\t\t\t\tTable of Contents\t\t\t<\/h4>\n\t\t\t\t\t\t\t<div class=\"elementor-toc__toggle-button elementor-toc__toggle-button--expand\" role=\"button\" tabindex=\"0\" aria-controls=\"elementor-toc__3e2c501\" aria-expanded=\"true\" aria-label=\"Open table of contents\"><i aria-hidden=\"true\" class=\"fas fa-chevron-down\"><\/i><\/div>\n\t\t\t\t<div class=\"elementor-toc__toggle-button elementor-toc__toggle-button--collapse\" role=\"button\" tabindex=\"0\" aria-controls=\"elementor-toc__3e2c501\" aria-expanded=\"true\" aria-label=\"Close table of contents\"><i aria-hidden=\"true\" class=\"fas fa-chevron-up\"><\/i><\/div>\n\t\t\t\t\t<\/div>\n\t\t<div id=\"elementor-toc__3e2c501\" class=\"elementor-toc__body\">\n\t\t\t<div class=\"elementor-toc__spinner-container\">\n\t\t\t\t<i class=\"elementor-toc__spinner eicon-animation-spin eicon-loading\" aria-hidden=\"true\"><\/i>\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-143f437 elementor-widget elementor-widget-heading\" data-id=\"143f437\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.21.0 - 30-04-2024 *\/\n.elementor-heading-title{padding:0;margin:0;line-height:1}.elementor-widget-heading .elementor-heading-title[class*=elementor-size-]>a{color:inherit;font-size:inherit;line-height:inherit}.elementor-widget-heading .elementor-heading-title.elementor-size-small{font-size:15px}.elementor-widget-heading .elementor-heading-title.elementor-size-medium{font-size:19px}.elementor-widget-heading .elementor-heading-title.elementor-size-large{font-size:29px}.elementor-widget-heading .elementor-heading-title.elementor-size-xl{font-size:39px}.elementor-widget-heading .elementor-heading-title.elementor-size-xxl{font-size:59px}<\/style><h5 class=\"elementor-heading-title elementor-size-default\">Introduction<\/h5>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-703d0d6 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"703d0d6\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-c35516f\" data-id=\"c35516f\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-c64ea93 elementor-widget elementor-widget-text-editor\" data-id=\"c64ea93\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.21.0 - 30-04-2024 *\/\n.elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:#69727d;color:#fff}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap{color:#69727d;border:3px solid;background-color:transparent}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap{margin-top:8px}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap-letter{width:1em;height:1em}.elementor-widget-text-editor .elementor-drop-cap{float:left;text-align:center;line-height:1;font-size:50px}.elementor-widget-text-editor .elementor-drop-cap-letter{display:inline-block}<\/style>\t\t\t\t<p>Investigating the task of integrating HashiCorp Vault into my existing pipeline, I quickly realized the majority of resources available focused on <strong>GitLab-EE<\/strong> and <strong>Vault<\/strong> as a <strong>SaaS<\/strong> solution. Vault integration with GitLab is a feature that is only available with a premium license. This scenario didn&#8217;t align with my specific needs, as I was working with <strong>GitLab-CE<\/strong> (Community Edition) <strong>on-premises<\/strong>.<\/p><p>The journey was not without its challenges. One of the first hurdles was dealing with certificates\u00a0\ud83e\udd2e \u2013 a topic I&#8217;ve explained in an article. For those without their own Certificate Authority (CA), I recommend revisiting my <a href=\"http:\/\/192.168.1.213:8088\/gitlab-server-with-a-self-signed-certificate-and-embedded-docker-registry\/\" target=\"_blank\" rel=\"noopener\">previous article<\/a> on using self-signed certificates in GitLab. As we progress, you&#8217;ll see why having our own CA file becomes crucial.<\/p><p>I won&#8217;t describe the installation details of the Vault server on Ubuntu, as <a href=\"https:\/\/developer.hashicorp.com\/vault\/tutorials\/getting-started\/getting-started-install\" target=\"_blank\" rel=\"noopener\">HashiCorp&#8217;s documentation<\/a> covers this comprehensively. Instead, this blog will focus on the unique challenges and solutions encountered while setting up Vault and seamlessly integrating it with an on-prem GitLab-CE pipeline.<\/p><p>The article is based on:<br \/><strong>Ubuntu 22.04, Gitlab-CE 16.8.0, Vault 1.15.4<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-1334d77\" data-id=\"1334d77\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-862fbd3 elementor-widget elementor-widget-image\" data-id=\"862fbd3\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.21.0 - 30-04-2024 *\/\n.elementor-widget-image{text-align:center}.elementor-widget-image a{display:inline-block}.elementor-widget-image a img[src$=\".svg\"]{width:48px}.elementor-widget-image img{vertical-align:middle;display:inline-block}<\/style>\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"800\" height=\"800\" src=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_001.png\" class=\"attachment-large size-large wp-image-2062\" alt=\"\" srcset=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_001.png 1024w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_001-300x300.png 300w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_001-150x150.png 150w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_001-768x768.png 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<div class=\"elementor-element elementor-element-3755d15 elementor-widget elementor-widget-heading\" data-id=\"3755d15\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h5 class=\"elementor-heading-title elementor-size-default\">Setting up Hashicorp Vault<\/h5>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b145061 elementor-widget__width-initial elementor-widget elementor-widget-text-editor\" data-id=\"b145061\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Once you have your Vault server started and set up. Keep in mind to note down your root token and seal token!\u00a0<\/p><p>Vault automatically generates self-signed certificates which is not what we want to use. As you create your own certificates, change the certificate path in the vault config file <strong>\/etc\/vault.d\/vault.hcl<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9ec14d3 elementor-widget elementor-widget-mdp-coder-elementor\" data-id=\"9ec14d3\" data-element_type=\"widget\" data-widget_type=\"mdp-coder-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t        <!-- Start Coder for Elementor WordPress Plugin -->\n        <div\n            id=\"mdp-coder-9ec14d3\"\n            class=\"mdp-coder-elementor-box\"\n            data-theme=\"mdp-theme-default\"\n            data-dark-theme=\"mdp-theme-default\"\n        >\n            \n                <pre class=\"language-basic line-numbers\"data-previewers=\"\"><code># HTTPS listener\nlistener &quot;tcp&quot; {\n  address       = &quot;0.0.0.0:8200&quot;\n  tls_cert_file = &quot;\/opt\/vault\/tls\/198.18.133.99.crt&quot;\n  tls_key_file  = &quot;\/opt\/vault\/tls\/198.18.133.99.key&quot;\n}\n<\/code><\/pre>\n                    <\/div>\n                <script>\n            \"use strict\";\n\n            \/** Handler when the DOM is fully loaded. *\/\n            let callback_9ec14d3 = function() {\n\n                \/** Set theme for coder widget. *\/\n                function setTheme() {\n\n                    \/** Foreach Code Widget. *\/\n                    let coderBoxes = document.querySelectorAll( '.mdp-coder-elementor-box' );\n\n                    for ( let coderBox of coderBoxes ) {\n\n                        let lightTheme = coderBox.dataset.theme;\n                        let darkTheme = coderBox.dataset.darkTheme;\n\n                        coderBox.className = '';\n                        if ( window.matchMedia && window.matchMedia( '(prefers-color-scheme: dark)' ).matches ) {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + darkTheme;\n\n                        } else {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + lightTheme;\n\n                        }\n\n                    }\n\n                }\n                setTheme();\n\n\n                \/** Watch for changes color-scheme. *\/\n                window.matchMedia(\"(prefers-color-scheme: dark)\").addListener( function() {\n                    setTheme();\n                } );\n\n                \n                if ( typeof Prism !== 'undefined' ) {\n\n                    Prism.plugins.autoloader.languages_path = 'http:\/\/192.168.1.213:8088\/wp-content\/plugins\/coder-elementor\/js\/prism\/components\/';\n                    Prism.highlightAll();\n                    Prism.fileHighlight();\n\n                }\n\n                \n            };\n\n            if (\n                document.readyState === \"complete\" ||\n                ( document.readyState !== \"loading\" && !document.documentElement.doScroll )\n            ) {\n                callback_9ec14d3();\n            } else {\n                document.addEventListener( \"DOMContentLoaded\", callback_9ec14d3 );\n            }\n\n        <\/script>\n                <!-- End Coder for Elementor WordPress Plugin -->\n\n        \t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ced9376 elementor-widget elementor-widget-text-editor\" data-id=\"ced9376\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Restart the service and navigate to the vault UI. Validate if the right certificates are loaded.\u00a0<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-981dc4a elementor-widget elementor-widget-mdp-coder-elementor\" data-id=\"981dc4a\" data-element_type=\"widget\" data-widget_type=\"mdp-coder-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t        <!-- Start Coder for Elementor WordPress Plugin -->\n        <div\n            id=\"mdp-coder-981dc4a\"\n            class=\"mdp-coder-elementor-box\"\n            data-theme=\"mdp-theme-default\"\n            data-dark-theme=\"mdp-theme-default\"\n        >\n            \n                <pre class=\"language-bash line-numbers\"data-previewers=\"\"><code>$ sudo systemctl restart vault.service<\/code><\/pre>\n                    <\/div>\n                <script>\n            \"use strict\";\n\n            \/** Handler when the DOM is fully loaded. *\/\n            let callback_981dc4a = function() {\n\n                \/** Set theme for coder widget. *\/\n                function setTheme() {\n\n                    \/** Foreach Code Widget. *\/\n                    let coderBoxes = document.querySelectorAll( '.mdp-coder-elementor-box' );\n\n                    for ( let coderBox of coderBoxes ) {\n\n                        let lightTheme = coderBox.dataset.theme;\n                        let darkTheme = coderBox.dataset.darkTheme;\n\n                        coderBox.className = '';\n                        if ( window.matchMedia && window.matchMedia( '(prefers-color-scheme: dark)' ).matches ) {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + darkTheme;\n\n                        } else {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + lightTheme;\n\n                        }\n\n                    }\n\n                }\n                setTheme();\n\n\n                \/** Watch for changes color-scheme. *\/\n                window.matchMedia(\"(prefers-color-scheme: dark)\").addListener( function() {\n                    setTheme();\n                } );\n\n                \n                if ( typeof Prism !== 'undefined' ) {\n\n                    Prism.plugins.autoloader.languages_path = 'http:\/\/192.168.1.213:8088\/wp-content\/plugins\/coder-elementor\/js\/prism\/components\/';\n                    Prism.highlightAll();\n                    Prism.fileHighlight();\n\n                }\n\n                \n            };\n\n            if (\n                document.readyState === \"complete\" ||\n                ( document.readyState !== \"loading\" && !document.documentElement.doScroll )\n            ) {\n                callback_981dc4a();\n            } else {\n                document.addEventListener( \"DOMContentLoaded\", callback_981dc4a );\n            }\n\n        <\/script>\n                <!-- End Coder for Elementor WordPress Plugin -->\n\n        \t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-59d7c95 elementor-widget elementor-widget-text-editor\" data-id=\"59d7c95\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Enable jwt authentication, which is the method that is used between GitLab and Vault:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d2beacb elementor-widget elementor-widget-mdp-coder-elementor\" data-id=\"d2beacb\" data-element_type=\"widget\" data-widget_type=\"mdp-coder-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t        <!-- Start Coder for Elementor WordPress Plugin -->\n        <div\n            id=\"mdp-coder-d2beacb\"\n            class=\"mdp-coder-elementor-box\"\n            data-theme=\"mdp-theme-default\"\n            data-dark-theme=\"mdp-theme-default\"\n        >\n            \n                <pre class=\"language-bash line-numbers\"data-previewers=\"\"><code>$ sudo vault auth enable jwt<\/code><\/pre>\n                    <\/div>\n                <script>\n            \"use strict\";\n\n            \/** Handler when the DOM is fully loaded. *\/\n            let callback_d2beacb = function() {\n\n                \/** Set theme for coder widget. *\/\n                function setTheme() {\n\n                    \/** Foreach Code Widget. *\/\n                    let coderBoxes = document.querySelectorAll( '.mdp-coder-elementor-box' );\n\n                    for ( let coderBox of coderBoxes ) {\n\n                        let lightTheme = coderBox.dataset.theme;\n                        let darkTheme = coderBox.dataset.darkTheme;\n\n                        coderBox.className = '';\n                        if ( window.matchMedia && window.matchMedia( '(prefers-color-scheme: dark)' ).matches ) {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + darkTheme;\n\n                        } else {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + lightTheme;\n\n                        }\n\n                    }\n\n                }\n                setTheme();\n\n\n                \/** Watch for changes color-scheme. *\/\n                window.matchMedia(\"(prefers-color-scheme: dark)\").addListener( function() {\n                    setTheme();\n                } );\n\n                \n                if ( typeof Prism !== 'undefined' ) {\n\n                    Prism.plugins.autoloader.languages_path = 'http:\/\/192.168.1.213:8088\/wp-content\/plugins\/coder-elementor\/js\/prism\/components\/';\n                    Prism.highlightAll();\n                    Prism.fileHighlight();\n\n                }\n\n                \n            };\n\n            if (\n                document.readyState === \"complete\" ||\n                ( document.readyState !== \"loading\" && !document.documentElement.doScroll )\n            ) {\n                callback_d2beacb();\n            } else {\n                document.addEventListener( \"DOMContentLoaded\", callback_d2beacb );\n            }\n\n        <\/script>\n                <!-- End Coder for Elementor WordPress Plugin -->\n\n        \t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3bd1317 elementor-widget elementor-widget-mdp-coder-elementor\" data-id=\"3bd1317\" data-element_type=\"widget\" data-widget_type=\"mdp-coder-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t        <!-- Start Coder for Elementor WordPress Plugin -->\n        <div\n            id=\"mdp-coder-3bd1317\"\n            class=\"mdp-coder-elementor-box\"\n            data-theme=\"mdp-theme-default\"\n            data-dark-theme=\"mdp-theme-default\"\n        >\n            \n                <pre class=\"language-markup line-numbers\"data-previewers=\"\"><code>Error enabling jwt auth: Post &quot;https:\/\/127.0.0.1:8200\/v1\/sys\/auth\/jwt&quot;: tls: failed to verify certificate: x509: certificate is valid for 198.18.133.99, not 127.0.0.1<\/code><\/pre>\n                    <\/div>\n                <script>\n            \"use strict\";\n\n            \/** Handler when the DOM is fully loaded. *\/\n            let callback_3bd1317 = function() {\n\n                \/** Set theme for coder widget. *\/\n                function setTheme() {\n\n                    \/** Foreach Code Widget. *\/\n                    let coderBoxes = document.querySelectorAll( '.mdp-coder-elementor-box' );\n\n                    for ( let coderBox of coderBoxes ) {\n\n                        let lightTheme = coderBox.dataset.theme;\n                        let darkTheme = coderBox.dataset.darkTheme;\n\n                        coderBox.className = '';\n                        if ( window.matchMedia && window.matchMedia( '(prefers-color-scheme: dark)' ).matches ) {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + darkTheme;\n\n                        } else {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + lightTheme;\n\n                        }\n\n                    }\n\n                }\n                setTheme();\n\n\n                \/** Watch for changes color-scheme. *\/\n                window.matchMedia(\"(prefers-color-scheme: dark)\").addListener( function() {\n                    setTheme();\n                } );\n\n                \n                if ( typeof Prism !== 'undefined' ) {\n\n                    Prism.plugins.autoloader.languages_path = 'http:\/\/192.168.1.213:8088\/wp-content\/plugins\/coder-elementor\/js\/prism\/components\/';\n                    Prism.highlightAll();\n                    Prism.fileHighlight();\n\n                }\n\n                \n            };\n\n            if (\n                document.readyState === \"complete\" ||\n                ( document.readyState !== \"loading\" && !document.documentElement.doScroll )\n            ) {\n                callback_3bd1317();\n            } else {\n                document.addEventListener( \"DOMContentLoaded\", callback_3bd1317 );\n            }\n\n        <\/script>\n                <!-- End Coder for Elementor WordPress Plugin -->\n\n        \t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-923e1bc elementor-widget elementor-widget-text-editor\" data-id=\"923e1bc\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Upps&#8230; interesting error message&#8230; I will save you some time and directly show you the solution. Keep in mind to use the IP address or DNS name that you set in your &#8220;Subject Alternative Name&#8221;.<\/p><p>Set the following environment variables:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4692ef0 elementor-widget elementor-widget-mdp-coder-elementor\" data-id=\"4692ef0\" data-element_type=\"widget\" data-widget_type=\"mdp-coder-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t        <!-- Start Coder for Elementor WordPress Plugin -->\n        <div\n            id=\"mdp-coder-4692ef0\"\n            class=\"mdp-coder-elementor-box\"\n            data-theme=\"mdp-theme-default\"\n            data-dark-theme=\"mdp-theme-default\"\n        >\n            \n                <pre class=\"language-bash line-numbers\"data-previewers=\"\"><code>export VAULT_ADDR='https:\/\/198.18.133.99:8200'\nexport VAULT_CACERT='\/opt\/vault\/tls\/ca.crt'\nexport VAULT_TOKEN='hvs.3me5leR1c8TOgDYTJd'<\/code><\/pre>\n                    <\/div>\n                <script>\n            \"use strict\";\n\n            \/** Handler when the DOM is fully loaded. *\/\n            let callback_4692ef0 = function() {\n\n                \/** Set theme for coder widget. *\/\n                function setTheme() {\n\n                    \/** Foreach Code Widget. *\/\n                    let coderBoxes = document.querySelectorAll( '.mdp-coder-elementor-box' );\n\n                    for ( let coderBox of coderBoxes ) {\n\n                        let lightTheme = coderBox.dataset.theme;\n                        let darkTheme = coderBox.dataset.darkTheme;\n\n                        coderBox.className = '';\n                        if ( window.matchMedia && window.matchMedia( '(prefers-color-scheme: dark)' ).matches ) {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + darkTheme;\n\n                        } else {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + lightTheme;\n\n                        }\n\n                    }\n\n                }\n                setTheme();\n\n\n                \/** Watch for changes color-scheme. *\/\n                window.matchMedia(\"(prefers-color-scheme: dark)\").addListener( function() {\n                    setTheme();\n                } );\n\n                \n                if ( typeof Prism !== 'undefined' ) {\n\n                    Prism.plugins.autoloader.languages_path = 'http:\/\/192.168.1.213:8088\/wp-content\/plugins\/coder-elementor\/js\/prism\/components\/';\n                    Prism.highlightAll();\n                    Prism.fileHighlight();\n\n                }\n\n                \n            };\n\n            if (\n                document.readyState === \"complete\" ||\n                ( document.readyState !== \"loading\" && !document.documentElement.doScroll )\n            ) {\n                callback_4692ef0();\n            } else {\n                document.addEventListener( \"DOMContentLoaded\", callback_4692ef0 );\n            }\n\n        <\/script>\n                <!-- End Coder for Elementor WordPress Plugin -->\n\n        \t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-207a575 elementor-widget elementor-widget-text-editor\" data-id=\"207a575\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Now you know why a CA is needed. If you don&#8217;t specify the CA you will receive the following error:<\/p><p><strong>x509: certificate signed by unknown authority<\/strong><\/p><p>Next, the command that creates the auth method to your GitLab server (I installed GitLab and Vault on the same server):\u00a0<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-eb613a0 elementor-widget elementor-widget-mdp-coder-elementor\" data-id=\"eb613a0\" data-element_type=\"widget\" data-widget_type=\"mdp-coder-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t        <!-- Start Coder for Elementor WordPress Plugin -->\n        <div\n            id=\"mdp-coder-eb613a0\"\n            class=\"mdp-coder-elementor-box\"\n            data-theme=\"mdp-theme-default\"\n            data-dark-theme=\"mdp-theme-default\"\n        >\n            \n                <pre class=\"language-bash line-numbers\"data-previewers=\"\"><code>$ vault write auth\/jwt\/config jwks_url=&quot;https:\/\/198.18.133.99\/-\/jwks&quot; <\/code><\/pre>\n                    <\/div>\n                <script>\n            \"use strict\";\n\n            \/** Handler when the DOM is fully loaded. *\/\n            let callback_eb613a0 = function() {\n\n                \/** Set theme for coder widget. *\/\n                function setTheme() {\n\n                    \/** Foreach Code Widget. *\/\n                    let coderBoxes = document.querySelectorAll( '.mdp-coder-elementor-box' );\n\n                    for ( let coderBox of coderBoxes ) {\n\n                        let lightTheme = coderBox.dataset.theme;\n                        let darkTheme = coderBox.dataset.darkTheme;\n\n                        coderBox.className = '';\n                        if ( window.matchMedia && window.matchMedia( '(prefers-color-scheme: dark)' ).matches ) {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + darkTheme;\n\n                        } else {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + lightTheme;\n\n                        }\n\n                    }\n\n                }\n                setTheme();\n\n\n                \/** Watch for changes color-scheme. *\/\n                window.matchMedia(\"(prefers-color-scheme: dark)\").addListener( function() {\n                    setTheme();\n                } );\n\n                \n                if ( typeof Prism !== 'undefined' ) {\n\n                    Prism.plugins.autoloader.languages_path = 'http:\/\/192.168.1.213:8088\/wp-content\/plugins\/coder-elementor\/js\/prism\/components\/';\n                    Prism.highlightAll();\n                    Prism.fileHighlight();\n\n                }\n\n                \n            };\n\n            if (\n                document.readyState === \"complete\" ||\n                ( document.readyState !== \"loading\" && !document.documentElement.doScroll )\n            ) {\n                callback_eb613a0();\n            } else {\n                document.addEventListener( \"DOMContentLoaded\", callback_eb613a0 );\n            }\n\n        <\/script>\n                <!-- End Coder for Elementor WordPress Plugin -->\n\n        \t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f00f69b elementor-widget elementor-widget-heading\" data-id=\"f00f69b\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h6 class=\"elementor-heading-title elementor-size-default\">Create secrets <\/h6>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7664038 elementor-widget elementor-widget-text-editor\" data-id=\"7664038\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Log in to the UI, enable a key value (KV) secret engine, and create the first credentials. As shown in the screenshots below:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-112b2c3 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"112b2c3\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-b5458be\" data-id=\"b5458be\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-22c898d elementor-widget elementor-widget-image\" data-id=\"22c898d\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_002.png\" data-elementor-open-lightbox=\"yes\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjA2NywidXJsIjoiaHR0cDpcL1wvMTkyLjE2OC4xLjIxMzo4MDg4XC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI0XC8wMVwvZ2l0bGFiLWNlLXZhdWx0LWludGVncmF0aW9uXzAwMi5wbmcifQ%3D%3D\">\n\t\t\t\t\t\t\t<img decoding=\"async\" width=\"800\" height=\"426\" src=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_002-1024x545.png\" class=\"attachment-large size-large wp-image-2067\" alt=\"\" srcset=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_002-1024x545.png 1024w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_002-300x160.png 300w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_002-768x409.png 768w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_002-1536x817.png 1536w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_002.png 1596w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-1bab6a8\" data-id=\"1bab6a8\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-9bb2daa elementor-widget elementor-widget-image\" data-id=\"9bb2daa\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_003.png\" data-elementor-open-lightbox=\"yes\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjA2OCwidXJsIjoiaHR0cDpcL1wvMTkyLjE2OC4xLjIxMzo4MDg4XC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI0XC8wMVwvZ2l0bGFiLWNlLXZhdWx0LWludGVncmF0aW9uXzAwMy5wbmcifQ%3D%3D\">\n\t\t\t\t\t\t\t<img decoding=\"async\" width=\"800\" height=\"427\" src=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_003-1024x547.png\" class=\"attachment-large size-large wp-image-2068\" alt=\"\" srcset=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_003-1024x547.png 1024w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_003-300x160.png 300w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_003-768x410.png 768w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_003-1536x820.png 1536w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_003.png 1597w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-12f3a72 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"12f3a72\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-acbd165\" data-id=\"acbd165\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-588c4e7 elementor-widget elementor-widget-image\" data-id=\"588c4e7\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_004.png\" data-elementor-open-lightbox=\"yes\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjA2OSwidXJsIjoiaHR0cDpcL1wvMTkyLjE2OC4xLjIxMzo4MDg4XC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI0XC8wMVwvZ2l0bGFiLWNlLXZhdWx0LWludGVncmF0aW9uXzAwNC5wbmcifQ%3D%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"427\" src=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_004-1024x546.png\" class=\"attachment-large size-large wp-image-2069\" alt=\"\" srcset=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_004-1024x546.png 1024w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_004-300x160.png 300w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_004-768x409.png 768w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_004-1536x819.png 1536w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_004.png 1595w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-12ea9b1\" data-id=\"12ea9b1\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5ec477d elementor-widget elementor-widget-image\" data-id=\"5ec477d\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_005.png\" data-elementor-open-lightbox=\"yes\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjA3MCwidXJsIjoiaHR0cDpcL1wvMTkyLjE2OC4xLjIxMzo4MDg4XC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI0XC8wMVwvZ2l0bGFiLWNlLXZhdWx0LWludGVncmF0aW9uXzAwNS5wbmcifQ%3D%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"423\" src=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_005-1024x542.png\" class=\"attachment-large size-large wp-image-2070\" alt=\"\" srcset=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_005-1024x542.png 1024w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_005-300x159.png 300w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_005-768x406.png 768w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_005-1536x813.png 1536w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_005.png 1601w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<div class=\"elementor-element elementor-element-9165c64 elementor-widget elementor-widget-text-editor\" data-id=\"9165c64\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Of course, you can create the secrets via CLI. Please refer to the <a href=\"https:\/\/developer.hashicorp.com\/vault\/tutorials\/getting-started\/getting-started-first-secret\" target=\"_blank\" rel=\"noopener\">Hashicorp documentation<\/a>.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4ed59f3 elementor-widget elementor-widget-heading\" data-id=\"4ed59f3\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h6 class=\"elementor-heading-title elementor-size-default\">Vault policy<\/h6>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-651ae71 elementor-widget elementor-widget-text-editor\" data-id=\"651ae71\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Create a Vault policy for your secret path, in my case, <strong>pod01,<\/strong> which sets the permissions on the secret. I want all content in pod01 to be available with reading capabilities:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-83a550f elementor-widget elementor-widget-mdp-coder-elementor\" data-id=\"83a550f\" data-element_type=\"widget\" data-widget_type=\"mdp-coder-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t        <!-- Start Coder for Elementor WordPress Plugin -->\n        <div\n            id=\"mdp-coder-83a550f\"\n            class=\"mdp-coder-elementor-box\"\n            data-theme=\"mdp-theme-default\"\n            data-dark-theme=\"mdp-theme-default\"\n        >\n            \n                <pre class=\"language-bash line-numbers\"data-previewers=\"\"><code>$ vault policy write pod01 - &lt;&lt;EOF\npath &quot;pod01\/*&quot; {\ncapabilities = [ &quot;read&quot; ]\n}\nEOF<\/code><\/pre>\n                    <\/div>\n                <script>\n            \"use strict\";\n\n            \/** Handler when the DOM is fully loaded. *\/\n            let callback_83a550f = function() {\n\n                \/** Set theme for coder widget. *\/\n                function setTheme() {\n\n                    \/** Foreach Code Widget. *\/\n                    let coderBoxes = document.querySelectorAll( '.mdp-coder-elementor-box' );\n\n                    for ( let coderBox of coderBoxes ) {\n\n                        let lightTheme = coderBox.dataset.theme;\n                        let darkTheme = coderBox.dataset.darkTheme;\n\n                        coderBox.className = '';\n                        if ( window.matchMedia && window.matchMedia( '(prefers-color-scheme: dark)' ).matches ) {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + darkTheme;\n\n                        } else {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + lightTheme;\n\n                        }\n\n                    }\n\n                }\n                setTheme();\n\n\n                \/** Watch for changes color-scheme. *\/\n                window.matchMedia(\"(prefers-color-scheme: dark)\").addListener( function() {\n                    setTheme();\n                } );\n\n                \n                if ( typeof Prism !== 'undefined' ) {\n\n                    Prism.plugins.autoloader.languages_path = 'http:\/\/192.168.1.213:8088\/wp-content\/plugins\/coder-elementor\/js\/prism\/components\/';\n                    Prism.highlightAll();\n                    Prism.fileHighlight();\n\n                }\n\n                \n            };\n\n            if (\n                document.readyState === \"complete\" ||\n                ( document.readyState !== \"loading\" && !document.documentElement.doScroll )\n            ) {\n                callback_83a550f();\n            } else {\n                document.addEventListener( \"DOMContentLoaded\", callback_83a550f );\n            }\n\n        <\/script>\n                <!-- End Coder for Elementor WordPress Plugin -->\n\n        \t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-972ddd1 elementor-widget elementor-widget-text-editor\" data-id=\"972ddd1\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>It took me a while to determine the correct path to use. Some guides suggested using the path starting with secrets\/xyz\/, which resulted in an error.<\/p><p><strong>Error making API request.<\/strong><br \/>URL: GET https:\/\/198.18.133.99:8200\/v1\/sys\/internal\/ui\/mounts\/pod01\/dnac<br \/>Code: 403. Errors:<br \/>* preflight capability check returned 403, please ensure client&#8217;s policies grant access to path &#8220;pod01\/dnac\/&#8221;<\/p><p><strong>Please keep that in mind.<\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3d9abb0 elementor-widget elementor-widget-heading\" data-id=\"3d9abb0\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h6 class=\"elementor-heading-title elementor-size-default\">GitLab project id<\/h6>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7e2c99c elementor-widget elementor-widget-text-editor\" data-id=\"7e2c99c\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Log in to your GitLab and note down the project ID. This information we will use later in the jwt access restriction.\u00a0<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ceb9c5e elementor-widget elementor-widget-image\" data-id=\"ceb9c5e\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_006.png\" data-elementor-open-lightbox=\"yes\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjA3MSwidXJsIjoiaHR0cDpcL1wvMTkyLjE2OC4xLjIxMzo4MDg4XC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI0XC8wMVwvZ2l0bGFiLWNlLXZhdWx0LWludGVncmF0aW9uXzAwNi5wbmcifQ%3D%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"422\" src=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_006-1024x540.png\" class=\"attachment-large size-large wp-image-2071\" alt=\"\" srcset=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_006-1024x540.png 1024w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_006-300x158.png 300w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_006-768x405.png 768w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_006-1536x811.png 1536w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_006.png 1605w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-92da9c1 elementor-widget elementor-widget-heading\" data-id=\"92da9c1\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h6 class=\"elementor-heading-title elementor-size-default\">Vault role access restriction<\/h6>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-44742c2 elementor-widget elementor-widget-text-editor\" data-id=\"44742c2\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Create a role access restriction that matches the information that is coming via jws authentication to the policy that we just created, in my case pod01. The highlighted lines need to be changed. In my case, I only will handle requests that are pushed into the main branch.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b84f58b elementor-widget elementor-widget-mdp-coder-elementor\" data-id=\"b84f58b\" data-element_type=\"widget\" data-widget_type=\"mdp-coder-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t        <!-- Start Coder for Elementor WordPress Plugin -->\n        <div\n            id=\"mdp-coder-b84f58b\"\n            class=\"mdp-coder-elementor-box\"\n            data-theme=\"mdp-theme-default\"\n            data-dark-theme=\"mdp-theme-default\"\n        >\n            \n                <pre class=\"language-bash line-numbers\"data-previewers=\"\"><code>$ vault write auth\/jwt\/role\/pod01 - &lt;&lt;EOF\n{\n&quot;role_type&quot;: &quot;jwt&quot;,\n&quot;policies&quot;: [&quot;pod01&quot;],\n&quot;token_explicit_max_ttl&quot;: 60,\n&quot;user_claim&quot;: &quot;user_login&quot;,\n&quot;bound_claims_type&quot;: &quot;glob&quot;,\n&quot;bound_claims&quot;: {\n&quot;project_id&quot;: &quot;3&quot;,\n&quot;ref&quot;: &quot;main&quot;,\n&quot;ref_type&quot;: &quot;branch&quot;\n}\n}\nEOF<\/code><\/pre>\n                    <\/div>\n                <script>\n            \"use strict\";\n\n            \/** Handler when the DOM is fully loaded. *\/\n            let callback_b84f58b = function() {\n\n                \/** Set theme for coder widget. *\/\n                function setTheme() {\n\n                    \/** Foreach Code Widget. *\/\n                    let coderBoxes = document.querySelectorAll( '.mdp-coder-elementor-box' );\n\n                    for ( let coderBox of coderBoxes ) {\n\n                        let lightTheme = coderBox.dataset.theme;\n                        let darkTheme = coderBox.dataset.darkTheme;\n\n                        coderBox.className = '';\n                        if ( window.matchMedia && window.matchMedia( '(prefers-color-scheme: dark)' ).matches ) {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + darkTheme;\n\n                        } else {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + lightTheme;\n\n                        }\n\n                    }\n\n                }\n                setTheme();\n\n\n                \/** Watch for changes color-scheme. *\/\n                window.matchMedia(\"(prefers-color-scheme: dark)\").addListener( function() {\n                    setTheme();\n                } );\n\n                \n                if ( typeof Prism !== 'undefined' ) {\n\n                    Prism.plugins.autoloader.languages_path = 'http:\/\/192.168.1.213:8088\/wp-content\/plugins\/coder-elementor\/js\/prism\/components\/';\n                    Prism.highlightAll();\n                    Prism.fileHighlight();\n\n                }\n\n                \n            };\n\n            if (\n                document.readyState === \"complete\" ||\n                ( document.readyState !== \"loading\" && !document.documentElement.doScroll )\n            ) {\n                callback_b84f58b();\n            } else {\n                document.addEventListener( \"DOMContentLoaded\", callback_b84f58b );\n            }\n\n        <\/script>\n                <!-- End Coder for Elementor WordPress Plugin -->\n\n        \t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b5be0e4 elementor-widget elementor-widget-heading\" data-id=\"b5be0e4\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h6 class=\"elementor-heading-title elementor-size-default\">GitLab variables<\/h6>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5ac5b83 elementor-widget elementor-widget-text-editor\" data-id=\"5ac5b83\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Create the following 3 variables in GitLab. These are needed for the vault CLI tool to work and the jwt authentification:\u00a0<\/p><ol class=\"\"><li id=\"0bfe\" class=\"mw mx gr my b mz na nb nc nd ne nf ng nh ni nj nk nl nm nn no np nq nr ns nt nv nw nx bj\" data-selectable-paragraph=\"\"><strong class=\"my gs\">VAULT_AUTH_ROLE = pod01<\/strong><\/li><li id=\"69f2\" class=\"mw mx gr my b mz ny nb nc nd nz nf ng nh oa nj nk nl ob nn no np oc nr ns nt nv nw nx bj\" data-selectable-paragraph=\"\"><strong class=\"my gs\">VAULT_AUTH_PATH = jws<\/strong><\/li><li id=\"7556\" class=\"mw mx gr my b mz ny nb nc nd nz nf ng nh oa nj nk nl ob nn no np oc nr ns nt nv nw nx bj\" data-selectable-paragraph=\"\"><strong class=\"my gs\">VAULT_ADDR = https:\/\/198.18.133.99:8200<\/strong><\/li><\/ol>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-da8735b elementor-widget elementor-widget-image\" data-id=\"da8735b\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<a href=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_007.png\" data-elementor-open-lightbox=\"yes\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MjA3MiwidXJsIjoiaHR0cDpcL1wvMTkyLjE2OC4xLjIxMzo4MDg4XC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI0XC8wMVwvZ2l0bGFiLWNlLXZhdWx0LWludGVncmF0aW9uXzAwNy5wbmcifQ%3D%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"425\" src=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_007-1024x544.png\" class=\"attachment-large size-large wp-image-2072\" alt=\"\" srcset=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_007-1024x544.png 1024w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_007-300x159.png 300w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_007-768x408.png 768w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_007-1536x816.png 1536w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_007.png 1595w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8d27d0d elementor-widget elementor-widget-heading\" data-id=\"8d27d0d\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h6 class=\"elementor-heading-title elementor-size-default\">Vault container<\/h6>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ff251d5 elementor-widget elementor-widget-text-editor\" data-id=\"ff251d5\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>As I need the ca.crt file to interact with the vault cli, I decided to create my own Docker container and include the ca.crt file.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f4deb2e elementor-widget elementor-widget-text-editor\" data-id=\"f4deb2e\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>When using GitLab as a Docker registry, this is the pipeline to build and upload the Dockerfile.<\/p><p>Later, execute the Vault container and provide the secrets previously created.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-87bea49 elementor-widget elementor-widget-mdp-coder-elementor\" data-id=\"87bea49\" data-element_type=\"widget\" data-widget_type=\"mdp-coder-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t        <!-- Start Coder for Elementor WordPress Plugin -->\n        <div\n            id=\"mdp-coder-87bea49\"\n            class=\"mdp-coder-elementor-box\"\n            data-theme=\"mdp-theme-default\"\n            data-dark-theme=\"mdp-theme-default\"\n        >\n            \n                <pre class=\"language-docker line-numbers\"data-previewers=\"\"><code>FROM hashicorp\/vault:1.14\n\nRUN apk add jq\n\nCOPY .\/ca.crt \/usr\/local\/share\/ca-certificates\/<\/code><\/pre>\n                    <\/div>\n                <script>\n            \"use strict\";\n\n            \/** Handler when the DOM is fully loaded. *\/\n            let callback_87bea49 = function() {\n\n                \/** Set theme for coder widget. *\/\n                function setTheme() {\n\n                    \/** Foreach Code Widget. *\/\n                    let coderBoxes = document.querySelectorAll( '.mdp-coder-elementor-box' );\n\n                    for ( let coderBox of coderBoxes ) {\n\n                        let lightTheme = coderBox.dataset.theme;\n                        let darkTheme = coderBox.dataset.darkTheme;\n\n                        coderBox.className = '';\n                        if ( window.matchMedia && window.matchMedia( '(prefers-color-scheme: dark)' ).matches ) {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + darkTheme;\n\n                        } else {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + lightTheme;\n\n                        }\n\n                    }\n\n                }\n                setTheme();\n\n\n                \/** Watch for changes color-scheme. *\/\n                window.matchMedia(\"(prefers-color-scheme: dark)\").addListener( function() {\n                    setTheme();\n                } );\n\n                \n                if ( typeof Prism !== 'undefined' ) {\n\n                    Prism.plugins.autoloader.languages_path = 'http:\/\/192.168.1.213:8088\/wp-content\/plugins\/coder-elementor\/js\/prism\/components\/';\n                    Prism.highlightAll();\n                    Prism.fileHighlight();\n\n                }\n\n                \n            };\n\n            if (\n                document.readyState === \"complete\" ||\n                ( document.readyState !== \"loading\" && !document.documentElement.doScroll )\n            ) {\n                callback_87bea49();\n            } else {\n                document.addEventListener( \"DOMContentLoaded\", callback_87bea49 );\n            }\n\n        <\/script>\n                <!-- End Coder for Elementor WordPress Plugin -->\n\n        \t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c08bb97 elementor-widget elementor-widget-mdp-coder-elementor\" data-id=\"c08bb97\" data-element_type=\"widget\" data-widget_type=\"mdp-coder-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t        <!-- Start Coder for Elementor WordPress Plugin -->\n        <div\n            id=\"mdp-coder-c08bb97\"\n            class=\"mdp-coder-elementor-box\"\n            data-theme=\"mdp-theme-default\"\n            data-dark-theme=\"mdp-theme-default\"\n        >\n            \n                <pre class=\"language-json line-numbers\"data-previewers=\"\"><code>variables:\n  IMAGE_NAME_VAULT: $CI_REGISTRY_IMAGE\/vault\n  IMAGE_TAG_VAULT: &quot;1.0&quot;  \n\nstages:\n  - build\n  - vault\n\nbuild_image:\n  stage: build\n  tags:\n    - shell-runner\n  script:\n    - docker build -t $IMAGE_NAME_VAULT:$IMAGE_TAG_VAULT docker\/vault\/.\n\npush_image:\n  stage: build\n  needs:\n    - build_image\n  tags:\n    - shell-runner\n  before_script:\n    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY\n  script:\n    - docker push $IMAGE_NAME_VAULT:$IMAGE_TAG_VAULT \n\nvault:\n  stage: vault\n  image: $IMAGE_NAME_VAULT:$IMAGE_TAG_VAULT\n  tags:\n    - docker-runner\n  script:\n  - export VAULT_CACERT=\/usr\/local\/share\/ca-certificates\/ca.crt\n  - export VAULT_TOKEN=&quot;$(vault write -field=token auth\/jwt\/login role=$VAULT_AUTH_ROLE jwt=$CI_JOB_JWT)&quot;\n  - vault kv get -format json pod01\/dnac | jq .data.data | jq -r 'to_entries|map(&quot;\\(.key)=\\(.value|tostring)&quot;)|.[]'<\/code><\/pre>\n                    <\/div>\n                <script>\n            \"use strict\";\n\n            \/** Handler when the DOM is fully loaded. *\/\n            let callback_c08bb97 = function() {\n\n                \/** Set theme for coder widget. *\/\n                function setTheme() {\n\n                    \/** Foreach Code Widget. *\/\n                    let coderBoxes = document.querySelectorAll( '.mdp-coder-elementor-box' );\n\n                    for ( let coderBox of coderBoxes ) {\n\n                        let lightTheme = coderBox.dataset.theme;\n                        let darkTheme = coderBox.dataset.darkTheme;\n\n                        coderBox.className = '';\n                        if ( window.matchMedia && window.matchMedia( '(prefers-color-scheme: dark)' ).matches ) {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + darkTheme;\n\n                        } else {\n\n                            coderBox.className = 'mdp-coder-elementor-box ' + lightTheme;\n\n                        }\n\n                    }\n\n                }\n                setTheme();\n\n\n                \/** Watch for changes color-scheme. *\/\n                window.matchMedia(\"(prefers-color-scheme: dark)\").addListener( function() {\n                    setTheme();\n                } );\n\n                \n                if ( typeof Prism !== 'undefined' ) {\n\n                    Prism.plugins.autoloader.languages_path = 'http:\/\/192.168.1.213:8088\/wp-content\/plugins\/coder-elementor\/js\/prism\/components\/';\n                    Prism.highlightAll();\n                    Prism.fileHighlight();\n\n                }\n\n                \n            };\n\n            if (\n                document.readyState === \"complete\" ||\n                ( document.readyState !== \"loading\" && !document.documentElement.doScroll )\n            ) {\n                callback_c08bb97();\n            } else {\n                document.addEventListener( \"DOMContentLoaded\", callback_c08bb97 );\n            }\n\n        <\/script>\n                <!-- End Coder for Elementor WordPress Plugin -->\n\n        \t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d99b001 elementor-widget elementor-widget-image\" data-id=\"d99b001\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"425\" src=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_008-1024x544.png\" class=\"attachment-large size-large wp-image-2073\" alt=\"\" srcset=\"http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_008-1024x544.png 1024w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_008-300x159.png 300w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_008-768x408.png 768w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_008-1536x816.png 1536w, http:\/\/192.168.1.213:8088\/wp-content\/uploads\/2024\/01\/gitlab-ce-vault-integration_008.png 1597w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9852efd elementor-widget elementor-widget-heading\" data-id=\"9852efd\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h5 class=\"elementor-heading-title elementor-size-default\">Conclusion<\/h5>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3668b4b elementor-widget elementor-widget-text-editor\" data-id=\"3668b4b\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Having navigated through the integration of HashiCorp Vault with GitLab-CE, I can attest that while the process may appear straightforward on paper, the reality was far more challenging. \ud83e\udd75<\/p><p>This experience, however, paves the way for more. My future projects can now leverage Vault more confidently for secure secret storage and management. The successful implementation of Vault into the pipeline marks a significant step in adopting robust secret management practices.<\/p><p>This integration not only aligns with but also reinforces the best practices in security and compliance. It stands as a testament to the importance of a systematic and secure approach in managing sensitive data and credentials in today\u2019s IT environments.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e7b240f elementor-widget elementor-widget-heading\" data-id=\"e7b240f\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h5 class=\"elementor-heading-title elementor-size-default\">Ressources<\/h5>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b923662 elementor-widget elementor-widget-text-editor\" data-id=\"b923662\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li><a href=\"https:\/\/support.hashicorp.com\/hc\/en-us\/articles\/8107320508947-x509-certificate-signed-by-unknown-authority\" target=\"_blank\" rel=\"noopener\">https:\/\/support.hashicorp.com\/hc\/en-us\/articles\/8107320508947-x509-certificate-signed-by-unknown-authority<\/a><\/li><li><a href=\"https:\/\/developer.hashicorp.com\/vault\/tutorials\/getting-started\/getting-started-install\" target=\"_blank\" rel=\"noopener\">https:\/\/developer.hashicorp.com\/vault\/tutorials\/getting-started\/getting-started-install<\/a><\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9447230 elementor-widget elementor-widget-html\" data-id=\"9447230\" data-element_type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<script type=\"text\/javascript\">\n(function($) {\n    $(window).load(function() {\n        $('.token.entity').each(function() {\n            var title = $(this).attr('title');\n            $(this).html(title);\n        })\n    });\n})(jQuery);\n<\/script>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Table of Contents Introduction Investigating the task of integrating HashiCorp Vault into my existing pipeline, I quickly realized the majority of resources available focused on GitLab-EE and Vault as a SaaS solution. Vault integration with GitLab is a feature that is only available with a premium license. This scenario didn&#8217;t align with my specific needs, [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":1148,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[],"_links":{"self":[{"href":"http:\/\/192.168.1.213:8088\/wp-json\/wp\/v2\/posts\/2052"}],"collection":[{"href":"http:\/\/192.168.1.213:8088\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/192.168.1.213:8088\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/192.168.1.213:8088\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/192.168.1.213:8088\/wp-json\/wp\/v2\/comments?post=2052"}],"version-history":[{"count":64,"href":"http:\/\/192.168.1.213:8088\/wp-json\/wp\/v2\/posts\/2052\/revisions"}],"predecessor-version":[{"id":2150,"href":"http:\/\/192.168.1.213:8088\/wp-json\/wp\/v2\/posts\/2052\/revisions\/2150"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/192.168.1.213:8088\/wp-json\/wp\/v2\/media\/1148"}],"wp:attachment":[{"href":"http:\/\/192.168.1.213:8088\/wp-json\/wp\/v2\/media?parent=2052"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/192.168.1.213:8088\/wp-json\/wp\/v2\/categories?post=2052"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/192.168.1.213:8088\/wp-json\/wp\/v2\/tags?post=2052"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}