Hi @bradrydzewski,
I am really thankful for all your really hard work in developing the drone stuff.
But I am pretty new and trying to switch from local Gitlab to GitTea + Drone + Vault to build my images. I’m really misusing Vault as I’m just using it as a store for for shared ‘variables’ nearly used on every repo.
Anyway, my main problem is I’m seeing way too many different ways to specify access to secrets and no matter which kind I try, i currently get either nothing or an error.
On the Vault announcement page https://blog.drone.io/drone-vault-secrets/ it is stated as
secrets:
docker_username:
external:
name: secret/data/docker#username
and on the official page (https://docs.drone.io/extend/secrets/vault/config-in-drone/) it is stated as
---
kind: secret
name: username
get:
path: secret/data/docker
name: username
---
kind: secret
name: password
get:
path: secret/data/docker
name: password
I’m currently pretty frustrated as the last part that is not working in the whole setup is my access to the ‘shared variables’ via Vault within .drone.yml.
Just tried a very basic file
kind: pipeline
name: default
steps:
- name: build
image: bash
environment:
MY_SSH_KEY:
from_secret: ssh_key
commands:
- echo "${MY_SSH_KEY}"
---
kind: secret
external_data:
ssh_key:
path: kv/kiwi
name: SSH_KEY
This .drone.yml just returns “echo ‘’”
I’m able to retrieve the secret with the drone plugins call
rp@debian1-vm:~/git/drone-vault-test$ drone plugins secret get kv/kiwi SSH_KEY --repo pasche/drone-vault-test
ssh-key....
rp@debian1-vm:~/git/drone-vault-test$
Soe the above .drone.yml should return “echo ‘ssh-key…’”.
Currently, I’m no GO programmer…I already looked into the code and I currently don’t get into it, so pointing me to the source code will not help me very much ;-/
Maybe I’m missing the right page for the current documentation and hope, you can point me in the right direction.
Again…thank you for your hard work.
Robert
