Skip to main content
Blink enables seamless integration with a vault established within a customer’s personalized environment, guaranteeing secure storage of connections within their controlled setting. To configure a GCP Secret Manager you need to create a Self-Hosted runner with additional configuration, including the CREDENTIALS and PROJECT_ID.
1

Access Your Google Cloud Platform Account

Navigate your “Google Cloud Platform” account.
2

Create a GCP IAM Service Account

Create a GCP IAM Service Account or navigate to your GCP IAM Service Account if you already have one.
3

Assign Secret Manager Admin Role

Assign the “Secret Manager Admin” role to the service account.
4

Obtain the Service Account Credentials

Download and securely save the Service Account Credentials
5

Create a New Runner in the Blink Platform

Proceed to the Blink Platform and create a new Runner in your Workspace.
6

Set the Runner Group as Default (Optional)

Set new runner group as default for workspace. On the Runners page, click > Set as default.

OR Select the checkbox Set as default in Add new runner group.
7

Copy the Runner Installation Command

To proceed, click on the ‘Continue’ button located in the bottom-right corner. This will prompt the opening of a dialogue box where you can access the command required to install the Runner in your environment. Simply copy this command to your clipboard by clicking on the icon positioned in the top-right corner.
8

Edit and Configure the Runner Command

Edit the command to add the environment variables you obtained when creating a Service Account: GCP_SECRET_MANAGER_AUTH_TYPE, GCP_SECRET_MANAGER_CREDENTIALS, GCP_SECRET_MANAGER_PROJECT_ID and SECRET_MANAGER_TYPE
docker run -d --name blink-runner -e GCP_SECRET_MANAGER_AUTH_TYPE=credentials -e GCP_SECRET_MANAGER_CREDENTIALS=<credentials-json> -e SECRET_MANAGER_TYPE=gcp -e GCP_SECRET_MANAGER_PROJECT_ID=<project_id> -e CTRL_URL="https://app.blinkops.com"

helm install -n blink --create-namespace --set image.tag=<version> --set env.GCP_SECRET_MANAGER_AUTH_TYPE=credentials --set env.SECRET_MANAGER_TYPE=gcp --set-file env.GCP_SECRET_MANAGER_CREDENTIALS=<path-to-credentials-file> --set env.GCP_SECRET_MANAGER_PROJECT_ID=<project_id> --set config.runner.ctrl_url=https://app.blinkops.com
9

Start the Runner

Start the Runner to initiate access to secrets stored in GCP Secret Manager.