Page History
...
- The job makes use of JS7 - Script Includes: the Crypto Script Include holds the Shell functions used in the job.
- The
##!include Crypto
inserts inserts the shell code available from the indicated Crypto Script Include. - The Script Include is invoked once per job and can be parameterized to specify the location of the public key.
## include Crypto --replace="<public-key>","/var/sos-berlin.com/js7/agent/config/agent.pub"
- The above value represents the default value that will be used of if the Script Include is invoked without replacementsreplacement options.
- The
- The
EncryptVariable
shell function expects the Name name of the variable and the value that should be encrypted.EncryptVariable
<name> <value> [<key-name> [,<public-key>]]
<name>
: The name of the variable is required.<value>
: The value of the variable is required.<key-name>
: The name of a second variable holding the encrypted symmetric key. Defaults to<name>_key
.<public-key>
: The path to the public key file is specified. Defaults to<agent-data>/config/agent.pub
.
- The shell function will encrypt the variable with the public key.
- The encrypted variable will be forwarded to subsequent jobs and instructions in the workflow.
The second job decrypt-variables looks like this:
...
- The job makes use of JS7 - Script Includes: the Crypto Script Include holds the Shell functions used in the job.
- The
##!include Crypto
inserts the shell code available from the indicated Crypto Script Include. - The Script Include can be parameterized to specify the location of the private key.
## include Crypto --replace="<private-key>","/var/sos-berlin.com/js7/agent/config/private/agent.key"
- The above value represents the default value that will be used of the Script Include is invoked without replacements.
- The Script Include can be parameterized to specify a passphrase used by the private key.
## include Crypto --replace="<passphrase>","jobscheduler"
- The Script Include can be invoked with any number of
--replace=<what>,<with>
options.
- The
- The
DecryptVariable
function expects the encrypted value of the variable and the encrypted value of the symmetric key.DecryptVariable
<value> <key-value> [<private-key> [,<passphrase>]]
<value>
: The encrypted value of the variable is required.<key-value>
: The value of the variable holding the encrypted symmetric key is required.<private-key>
: The path to the private key file is specified. Defaults to<agent-data>/config/private/agent.key
.<passphrase>
: The passphrase of the private key.
- The function will decrypt the encrypted symmetric key.
- The function will decrypt the encrypted variable value using the decrypted symmetric key.
- The
DecryptVariable
function returns the secret that can be assigned an environment variable. - It is recommended not to write the secret to a file or to perform any output operation that will expose the secret to logging of output in the stdout and stderr channels.
...
Overview
Content Tools