...

  • The job makes use of JS7 - Script Includes: the Crypto Script Include holds the Shell functions used in the job.
    • The ##!include Crypto inserts the shell code available from the indicated Crypto Script Include.
    • The Script Include is invoked once per job and can be parameterized to specify the location of the public key.
      • ##!include Crypto --replace="<public-key>","/var/sos-berlin.com/js7/agent/config/agent.pub"
      • The above value is the default that will be used if the Script Include is invoked without replacement options.
  • The EncryptVariable shell function expects the name of the variable and the value that should be encrypted.
    • EncryptVariable <name> <value> [<key-name> [,<public-key>]]
      • <name>: The name of the variable is required.
      • <value>: The value of the variable is required.
      • <key-name>: The name of a second variable holding the encrypted symmetric key. Defaults to <name>_key.
      • <public-key>: The path to the public key file is specified. Defaults to <agent-data>/config/agent.pub.
    • The shell function will encrypt the variable with the public key.
    • The encrypted variable will be forwarded to subsequent jobs and instructions in the workflow.


The second job decrypt-variables looks like this:

...

  • The job makes use of JS7 - Script Includes: the Crypto Script Include holds the Shell functions used in the job.
    • The ##!include Crypto inserts the shell code available from the indicated Crypto Script Include.
    • The Script Include can be parameterized to specify the location of the private key.
    • The Script Include can be parameterized to specify a passphrase used by the private key.
      • ##!include Crypto --replace="<passphrase>","jobscheduler"
      • The Script Include can be invoked with any number of --replace=<what>,<with> options.
  • The DecryptVariable function expects the encrypted value of the variable and the encrypted value of the symmetric key.
    • DecryptVariable <value> <key-value> [<private-key> [,<passphrase>]]
      • <value>: The encrypted value of the variable is required.
      • <key-value>: The value of the variable holding the encrypted symmetric key is required.
      • <private-key>: The path to the private key file is specified. Defaults to <agent-data>/config/private/agent.key.
      • <passphrase>: The passphrase of the private key.
    • The function will decrypt the encrypted symmetric key.
    • The function will decrypt the encrypted variable value using the decrypted symmetric key.
  • The DecryptVariable function returns the secret, which can be assigned to an environment variable.
  • It is recommended not to write the secret to a file or perform any output operation that would expose the secret in the logged output of the stdout and stderr channels.
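
The hybrid scheme both jobs rely on (a symmetric key encrypts the value, the public key encrypts that symmetric key, and the passphrase-protected private key reverses the process) can be reproduced with the OpenSSL command line. This is an added example, not the code of the Crypto Script Include: the function names hybrid_encrypt, hybrid_decrypt and roundtrip_demo, the choice of RSA-OAEP and AES-256-CBC, and the throwaway key pair are assumptions.

```shell
# Added illustration of the hybrid scheme described above; this is NOT the code
# of the JS7 Crypto Script Include. Assumed: OpenSSL 1.1.1+ CLI, an RSA key
# pair, RSA-OAEP for the symmetric key and AES-256-CBC (PBKDF2) for the value.

# hybrid_encrypt <value> <public-key-file>
# Prints "<encrypted-value> <encrypted-symmetric-key>", both base64 encoded.
hybrid_encrypt() (
  SYMKEY=$(openssl rand -hex 32) || exit 1
  export SYMKEY   # handed to openssl via the environment, not the command line
  enc_value=$(printf '%s' "$1" |
    openssl enc -aes-256-cbc -pbkdf2 -salt -a -A -pass env:SYMKEY) || exit 1
  enc_key=$(printf '%s' "$SYMKEY" |
    openssl pkeyutl -encrypt -pubin -inkey "$2" -pkeyopt rsa_padding_mode:oaep |
    openssl base64 -A)
  [ -n "$enc_key" ] || exit 1
  printf '%s %s\n' "$enc_value" "$enc_key"
)

# hybrid_decrypt <enc-value> <enc-key> <private-key-file> <passphrase>
# Prints the plaintext; callers capture it in a variable and never log it.
hybrid_decrypt() (
  KEYPASS=$4; export KEYPASS
  SYMKEY=$(printf '%s' "$2" | openssl base64 -d -A |
    openssl pkeyutl -decrypt -inkey "$3" -passin env:KEYPASS \
      -pkeyopt rsa_padding_mode:oaep 2>/dev/null)
  [ -n "$SYMKEY" ] || exit 1   # wrong key or passphrase: fail, emit nothing
  export SYMKEY
  printf '%s' "$1" | openssl enc -d -aes-256-cbc -pbkdf2 -a -A -pass env:SYMKEY
)

# roundtrip_demo <secret> <passphrase-for-decryption>
# Constructed demo: throwaway key pair protected by "demo-passphrase".
# Returns 0 only if decryption reproduces the secret; the secret is not printed.
roundtrip_demo() (
  dir=$(mktemp -d) || exit 1
  KEYPASS=demo-passphrase; export KEYPASS; rc=0
  { openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -aes-256-cbc \
      -pass env:KEYPASS -out "$dir/agent.key" 2>/dev/null &&
    openssl pkey -in "$dir/agent.key" -passin env:KEYPASS -pubout \
      -out "$dir/agent.pub" &&
    pair=$(hybrid_encrypt "$1" "$dir/agent.pub") &&
    plain=$(hybrid_decrypt "${pair% *}" "${pair#* }" "$dir/agent.key" "$2") &&
    [ "$plain" = "$1" ]; } || rc=1
  rm -rf "$dir"
  exit "$rc"
)

roundtrip_demo 'constructed-sample-secret' demo-passphrase &&
  echo "round trip ok" || echo "round trip failed"
```

The decrypted value only ever lives in the `plain` shell variable, which matches the recommendation above to keep the secret out of files and out of stdout and stderr.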

...