I’ve been building up a nice pattern for bootstrapping Jenkins’ secrets through init.groovy.d, storing the secrets themselves inside configuration management. So far, this has been the simplest way to get a working configuration without additional moving parts beyond Jenkins and a configuration management tool. The Jenkins Credentials plugin supports a few different secret types: “secret text” (which can be used as an environment variable), username & password, files from the file sys...
