I'd like to implement an integration with Terraform so Amazon access keys can automatically be maintained and updated in build contexts, see this issue: https://github.com/hashicorp/terraform/issues/17951
Context management is now available in the CLI. https://github.com/CircleCI-Public/circleci-cli/pull/362
Cross-linking to a generalized "official CircleCI Terraform provider" issue. That would be one consumer of the API proposed here.
+1 this would ease automation of secret creation in our org and really enhance security.
At Shelf we are using single context per project (repo) and since we are doing serverless it requires every time to the context manually from different sources which just takes time for a dummy work. Definitely needed!
The new contexts variables that are only available to administrators are wonderful. Unfortunately, we have an automated system that rotates our deployment API keys daily.
Without an API to manage contexts, we can't update the API keys, which means we'd have to have stagnant ones that we update manually. This is a security issue!
We definitely need a fully featured API for managing Context's, and that should include the ability to CRUD/clone and modify existing properties and their values within a Context.
Can we please get this
how is this not a thing?
we'd like it as well
Please ... this is a must have!
An absolute requirement for rotating secrets
+ 1 I need to store secret keys per context via API. Actually there's no way to do this
+1 This is absolutely required. We use dozen of variables for our microservices ECS cluster. We need to backup these values while scripting their deployment at the same time as we use to do in IaC.
Contexts are a wonderful thing, but not really useful or convenient to use without:
1. this API
2. the capability to see the content of some variables as they are not supposed to be secrets. It's mandatory to ease the readability during investigations.
We use tokens inside our contexts to access external services. Would love to automate the secrets rotation within contexts as we have 100s of projects.
You won't be notified about changes to this idea.