The Private Key type was added in FlexDeploy 9.0.0.3. If you are running an earlier version, you can use an SSH Key credential instead for OAuth Email.
Configure Private Keys Within FlexDeploy
Private Key credentials support a private key file upload and have an optional input for a passphrase. You will be able to download the public key based on the private key that is uploaded if it is an OpenSSH key. These credentials can be configured for OAuth purposes. Additionally, they can be referenced in custom groovy scripts and workflows (see Referencing Private Key Values as Properties section for more information).
- update this screenshot.
Input Name | Description | Input Type | Required |
|---|---|---|---|
Private Key | Private Key which will have its content stored in encrypted format. Most private key formats should work in FlexDeploy. The private key will not be tested at save time. | File | Yes |
Passphrase | Passphrase for accessing the Private key (optional, also stored in an encrypted format). | Text | No |
Referencing Private Key Values As Properties
A Private Key credential that is assigned to an encrypted property within FlexDeploy can be referenced for property replacement or groovy variables. In order to reference the private key, only the property code needs to be used. If you want to access the passphrase, then attach the suffix _PASSPHRASE (case sensitive) to the property code.
For example, we have an encrypted property on this workflow with the code PRIVATE_KEY.
We could have a step in our workflow to execute some sort of shell script that will make an SSH connection using the property configured on the project. Below is an example of referencing our property in a groovy script, but it would be similar for environment variables or property replacement within files. For accessing the private key then we would use the code PRIVATE_KEY. For accessing the passphrase, then it would be PRIVATE_KEY_PASSPHRASE. Note that if referencing the passphrase like this, it could fail if the actual value of the property during execution is not an Private Key-type credential.
Groovy Functions
For any groovy script that has access to the FLEXDEPLOY variable, there are methods for accessing the plain text values of a given credential id or name. Note that using these methods to grab the values for Endpoint-scoped credentials is prevented.
Method | Description |
|---|---|
FLEXDEPLOY.getCredentialSecretTextValueById(credentialId) | Returns the plain text value String of the given Credential id. The id must belong to a credential of type Secret Text. |
FLEXDEPLOY.getCredentialSecretTextValueByName(credentialName) | Returns the plain text value String of the given Credential name. The name must belong to a credential of type Secret Text. |
FLEXDEPLOY.getCredentialValueById(credentialId) | Returns an object containing the plain text values depending on the credential type of the provided id. Secret Text -> CredentialSecretTextValuePojo SSH Key → CredentialSshKeyValuePojo Certificate → CredentialCertificateValuePojo |
FLEXDEPLOY.getCredentialValueByName(credentialName) | Returns an object containing the plain text values depending on the credential type of the provided name. Secret Text -> CredentialSecretTextValuePojo SSH Key → CredentialSshKeyValuePojo Certificate → CredentialCertificateValuePojo |
CredentialSecretTextValuePojo
Method | Description |
|---|---|
getSecretText() | Returns the unencrypted String secret text value of this credential. |
CredentialSshKeyValuePojo
Method | Description |
|---|---|
getSshKey() | Returns the unencrypted private key value of this credential. |
getSshKeyPassphrase() | Returns the unencrypted passphrase value of this credential. |
CredentialCertificateValuePojo
Method | Description |
|---|---|
getCertificate() | Returns the unencrypted certificate value of this credential. |
getCertificatePassword() | Returns the unencrypted password value of this credential. |