Changelog

Hashicorp Nomad Integration & more

Wednesday, May 15, 2024
console integrations Nomad

hashicorp nomad

The Phase Console now natively integrates with Hashicorp Nomad, allowing you to sync secrets to Nomad variables and use them with your Nomad Jobs. We've also shipped several quality of life improvements, new features and bugfixes to the Console and API.

Setting up Integration with Hashicorp Nomad

To start syncing secrets to Hashicorp Nomad, head over to the "Integrations" page from the sidebar and choose "Hashicorp Nomad" to set up authentication credentials. You can find detailed instructions for creating Nomad credentials in the docs.

create credentials

input nomad credentials

Creating a sync is as simple as picking an Environment (and optionally a path) in Phase as the source of Secrets, and the Nomad Variable path and namespace as the destination. By default, Phase will set the path as APP_NAME/ENVIRONMENT_NAME and the namespace as default

create sync

Once setup, Phase will automatically sync your secrets to Nomad whenever you create, update or delete a secret in the selected Environment and path.

nomad syncs

You can keep track of sync jobs from the Syncing tab of your App and view detailed logs and metadata for each job. You can also pause and resume a specific sync job if needed, or trigger syncs manually.

Hashicorp Nomad integration is available in Phase Console v2.25.0 and you can find complete documentation for setting up this integration in the Phase Docs.

New features and improvements

We've also shipped a few quality of life improvements and bugfixes over the last couple of weeks. Here's a quick rundown of the notable changes.

Better sync credential management

With this release we have reworked the credential management dialog for syncs to be more intuitive and easier to use. You no longer need to click "Edit" before being able to edit values, and values such as host or addr are no longer masked by default.

Its now easlier to link a specific secret to a team member in Phase by grabbing a permalink to the secret from the "Share" dialog. Sharing via Lockbox is still available from the "Lockbox" tab.

nomad syncs

REST API improvements

The REST API now returns any secrets affected by a POST or PUT operation, instead of the n secrets updated message. This should reduce the need for re-querying secrets after creating or updating a secret. Here's an example response for a POST request that creates a single secret:

[
    {
        "id": "22ff660b-ad07-4bd2-9e17-01f31d009a8b",
        "key": "DB_NAME",
        "value": "postgres",
        "comment": "primary db name",
        "tags": [],
        "override": null,
        "path": "/backend",
        "keyDigest": "b7829e56ae94313fde941350b39e3440bbc176b3dc41933a8ff38bf03ee66c3c",
        "version": 1,
        "createdAt": "2024-05-01T07:45:43.743793Z",
        "updatedAt": "2024-05-01T07:45:43.743802Z",
        "environment": "ce46fc41-f41b-428a-89a4-9eaa9564a5f1",
        "folder": "88a61863-96d2-45e9-acc9-1d034eacd3f1"
    }
]

You'll find complete examples for all available methods of the Secrets API in the docs.

Reveal all secrets in one click

The secret mangement screen now has a "Reveal all" button to easily reveal all secrets in the current path with a single click. Boolean values won't be affected by this action:

Reach out on Slack or GitHub for any questions or feedback on this release!

CLOUD

The fastest and easiest way to get started with Phase. Spin up an app in minutes. Hosted in Frankfurt 🇩🇪

SELF-HOSTED

Run Phase on your own infrastructure and maintain full control. Perfect for customers with strict compliance requirements.