Circle CI
Describes how to integrate CloudTruth with Circle CI
Last updated
Was this helpful?
Describes how to integrate CloudTruth with Circle CI
Last updated
Was this helpful?
This documentation covers integrating CloudTruth with CircleCI to inject configuration variables and secrets directly into your CircleCI pipelines using the CloudTruth CLI.
By integrating CloudTruth with CircleCI, you can securely manage and inject configuration variables, environment-specific settings, and secrets into your CircleCI pipelines. This enables consistent, secure, and flexible configuration management across different environments.
CloudTruth Account: Ensure you have an active CloudTruth account. Visit to sign up.
CloudTruth CLI: The CloudTruth CLI should be installed and accessible in your CircleCI pipeline.
API Key: Generate a CloudTruth API key to authenticate within CircleCI. This key allows CircleCI to access and inject the variables and secrets from CloudTruth into the pipeline.
Go to your CircleCI project’s settings.
In the left-hand sidebar, click Environment Variables.
Add a new environment variable:
Name: CLOUDTRUTH_API_KEY
Value: Your CloudTruth API key (obtained from your CloudTruth account under API settings).
This will allow CircleCI to authenticate with CloudTruth using the CLI during pipeline execution.
In your project repository, modify your .circleci/config.yml to install the CloudTruth CLI and use it to fetch configuration data or secrets.
Here’s a sample configuration that demonstrates how to integrate CloudTruth in a CircleCI pipeline:
Install CloudTruth CLI: This step installs the latest version of the CloudTruth CLI in the CircleCI build environment.
Authenticate CloudTruth: This step authenticates CloudTruth using the API key stored in CircleCI environment variables.
Fetch Configuration: The cloudtruth parameters get command retrieves the configuration variables and secrets from CloudTruth. The --format env flag outputs the parameters in a format compatible with environment variables, which can then be sourced into the pipeline.
Use Configuration Variables: The variables fetched from CloudTruth can be referenced using standard environment variable syntax in subsequent pipeline steps.
Using the flag, you can also specify particular variables and secrets you want to inject into your pipeline. For example:
This will retrieve only the API_KEY from the production environment in the my_project project.
Scope by Project and Environment: Always scope your configuration variables by project and environment to ensure you retrieve the correct data for each deployment stage.
Use Secrets Management: CloudTruth allows you to manage secrets like API keys, database passwords, and tokens. These can be securely injected into your CircleCI pipelines, minimizing the risk of exposing sensitive information.
Version Control: CloudTruth provides versioning of configuration parameters, allowing you to easily roll back to previous versions or track changes over time.
Managing API Keys: Store API keys for different services in CloudTruth and inject them into your CircleCI pipelines based on the environment (e.g., staging, production).
Environment-Specific Configurations: Use CloudTruth to store environment-specific configurations (e.g., database URLs, feature flags) and dynamically fetch them based on the current environment.
With this integration, you can securely and dynamically manage your configuration variables and secrets in CloudTruth while ensuring they are automatically injected into CircleCI pipelines. This streamlines your CI/CD process and reduces the complexity of managing sensitive configuration data.