Multiple Contexts in a Workflow

It would be useful to be able to specify multiple Context's in a workflow. As a general best security practice, any given workflow should only have access to the secrets that it absolutely needs. In order to accomplish this with Context's currently however, many projects would need their own Context, containing only the secrets relevant to that project. This defeats the point of Contexts, making them less reusable. Allowing a workflow to specify multiple Contexts maintains this principle of least privilege, without sacrificing the usability of Contexts. Exampe:

 

workflows:
main:
jobs:
- example-job:
context:
- AWS
- Heroku
- Cloudflare

 

There's more discussion in this forum thread.

  • Eric Dahlseng
  • Dec 12 2018
  • Taking votes
  • Attach files
  • syamantak mukhopadhyay commented
    20 Jul 05:01pm

    +1

  • higuys hii commented
    14 Jul 11:05am

    nice

  • Takashi Kokubun commented
    1 Jul 08:51pm

    +1

  • Michele Caramello commented
    1 Jul 08:49pm

    +1

  • Robin Bowes commented
    30 Jun 11:11am

    +1

  • Esteban Garcia commented
    4 Jun 04:09pm

    +1

  • Garth Brantley commented
    29 May 11:05am

    +1

  • Rodrigo Diez Villamuera commented
    11 May 08:39am

    +1, multiple context would help us to define secrets and variables once and use multiple times. Without multiple contexts, admin becomes a pain

  • Corey Rastetter commented
    7 May 07:55pm

    +1

  • Lukas Siemon commented
    27 Mar 05:55pm

    Very unfortunate that this still hasn't been added. We have a lot of contexts (~100) and updating them (even through a script) is a pain. Any feedback where this is on the priority list?

  • Guest commented
    13 Mar 07:30pm
    > This is a big missing feature. Already set the variables only for this not to be supported.


    This just caught me as a surprise, too, dandelion!
    I assumed it must work with multiple contexts, but right, 'context'', not 'contexts'...

    Having granular sets of variables for, say, aws, vault and share them amongst many projects - it would be great to have this!

  • Yan Ferreira commented
    11 Mar 04:30pm

    +1

  • Sam Bryant commented
    11 Mar 04:02pm

    Might not be what everyone here is after but we have written a tool to help manage secrets on contexts. https://github.com/armakuni/circleci-context-secret-manager

    The core idea is that one context extends another (much like you would want with multiple contexts). But the tool deals with setting the required duplicate values in CircleCI. So you always just use a single context by job but that could have been made up of multiple other contexts with overrides etc based on some config files. We only open sourced the tool today so getting feedback would be awesome.

  • Michele Degges commented
    11 Mar 04:26am

    +1

  • Joe Cuffney commented
    3 Mar 01:41am

    +1

  • Daiki Watanabe commented
    2 Mar 08:27am

    :+1:

  • Ahmed Tarek commented
    11 Feb 01:19am

    +1

    Currently being limited to one context disables quite a strong pro that we can use contexts for. Contexts have a great potential to share secure environment variables between all repos/jobs while maintaining a single source of truth and no replications.

  • Olumide Omotoso commented
    10 Feb 08:05am

    This is a big missing feature. Already set the variables only for this not to be supported.

  • Guest commented
    31 Jan 04:28pm

    Would be so helpful to have the ability to use multiple contexts. +1

  • Milos Mircov commented
    24 Jan 04:00pm

    +1

  • Load older comments
  • and 284 more