Drone 0.8: Using secrets in steps not supporting reading from env vars

bradrydzewski · April 16, 2018, 5:47pm

I describe a pattern for handling this use case here:
http://discuss.harness.io/t/how-can-i-pass-secrets-as-build-args-to-plugins-docker-drone-0-8/824/2

Note that we use this pattern with the docker plugin, where we need to provide the plugin with an arbitrary dictionary of parameters for build-args, which in some cases may need to be sourced from secrets or the environment.

So you might instead do something like this:

some-deploy-step:
  image: custom-deploy-plugin
  custom_params:
    param1: something
    param2: something
-   param3: $$PASSWORD_STORED_AS_DRONE_SECRET
+ custom_params_from_env: [ PASSWORD_STORED_AS_DRONE_SECRET ]

or this

some-deploy-step:
  image: custom-deploy-plugin
  custom_params:
    param1: something
    param2: something
-   param3: $$PASSWORD_STORED_AS_DRONE_SECRET
+ custom_params_from_env: 
      param3: PASSWORD_STORED_AS_DRONE_SECRET

Topic		Replies	Views
Problems with Secrets Drone FAQ	1	5919	December 19, 2018
DRONE_RUNNER_ENV not working with secrets Drone Support	3	791	March 29, 2020
Secret Change, Back to Interpolation Drone Support	2	2296	January 20, 2017
[solved] Per organization secrets and environment issue Drone Support	1	320	May 8, 2021
Passing Secrets as Build Arguments, plugins/Docker Drone Support	3	4992	January 21, 2019

Drone 0.8: Using secrets in steps not supporting reading from env vars

Related topics