Secret problems

Greetings friends,

I may be crazy, but I need a way to pass all my secrets as environment variables to my custom drone plugin. [I am using drone 0.8.7]

  1. Add a secret to my repo (project/myrepo):
    drone secret add --repository project/myrepo --image docker --name sonar_host --value foo

  2. Content of .drone.yml:

pipeline:
  docker:
    image: docker
    secrets: [ sonar_host ]
    commands:
    - "echo ${SONAR_HOST}"
    when:
      branch: [master, develop, release/*]

  3. Result:
    image

I have read the secret documentation found here: https://docs.drone.io/secret/repository/

When I try to escape the variable I get Bad substitution.

I really need to expose all my secrets as environment variables so my custom plugin can do the following:

var envvariables = [];
for (var key in process.env) {
  envvariables.push({
    "name": key,
    "value": process.env[key]
  });
}

And right now it is not seeing the secrets that I put in my pipeline as environment variables (but it can see all the CI_ variables).

Thanks,
Dev

This syntax will never work because it is not escaped and is therefore subject to pre-processing. See https://docs.drone.io/pipeline/environment/syntax/

You therefore need to do this:

pipeline:
  docker:
    image: docker
    secrets: [ sonar_host ]
    commands:
-   - "echo ${SONAR_HOST}"
+   - echo $${SONAR_HOST}
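
Review bot: The added `echo $${SONAR_HOST}` line writes the secret's value into the step output, which is more than is needed to confirm that the secret was injected. A presence check such as `test -n "$${SONAR_HOST}"` fails the step when the variable is missing without printing the value.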

or if you just want to inspect variables do this:

pipeline:
  docker:
    image: docker
    secrets: [ sonar_host ]
    commands:
-   - "echo ${SONAR_HOST}"
+   - env
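
Review bot: The added `env` command prints every variable in the container, so with `secrets: [ sonar_host ]` on the same step the secret value is printed along with everything else. Keep it as a temporary debugging step and remove it once the variable shows up; `env | cut -d= -f1` lists the names only.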

I really need to expose all my secrets as environment variables so my custom plugin can do the following:

All secrets are always exposed as environment variables without exception, when they are configured correctly. If a secret is not being exposed it is because of a configuration error. We have documented common reasons for secrets not working here: http://docs.drone.io/secrets-not-working/
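
Why the unescaped form comes out empty, as an added example that is not part of the original thread and not Drone's own code: a simplified JavaScript model of the two expansion passes, Drone's pre-processor followed by the shell in the step container. The function names and the `METADATA` and `STEP_ENV` maps are constructed for illustration, and the real pre-processor supports more substitution forms than the plain `${NAME}` handled here.

```javascript
// Simplified model (an assumption, not Drone's source) of the two expansion
// passes a pipeline command goes through in Drone 0.8.

const lookup = (vars, name) =>
  Object.prototype.hasOwnProperty.call(vars, name) ? String(vars[name]) : "";

// Pass 1: Drone pre-processes the .drone.yml text before running anything.
// "$${NAME}" is the escape and becomes a literal "${NAME}". An unescaped
// "${NAME}" is replaced from build metadata, or by "" when the name is unknown.
// Secrets are not in this map, which is why the unescaped form comes out empty.
function preprocess(text, metadata) {
  return text.replace(/(\$?)\$\{(\w+)\}/g, (match, escaped, name) =>
    escaped ? "${" + name + "}" : lookup(metadata, name));
}

// Pass 2: the shell inside the step container expands what is left, using the
// container environment, which includes the secrets listed under "secrets:".
function shellExpand(command, stepEnv) {
  return command.replace(/\$\{(\w+)\}|\$(\w+)/g, (match, braced, bare) =>
    lookup(stepEnv, braced || bare));
}

// Constructed sample data: one build-metadata variable, and the secret value
// from the "drone secret add ... --value foo" command in the thread.
const METADATA = { DRONE_BRANCH: "master" };
const STEP_ENV = { ...METADATA, SONAR_HOST: "foo" };

function run(command, metadata = METADATA, stepEnv = STEP_ENV) {
  const afterDrone = preprocess(command, metadata);
  return { command, afterDrone, afterShell: shellExpand(afterDrone, stepEnv) };
}

for (const cmd of ["echo ${SONAR_HOST}", "echo $${SONAR_HOST}", "echo ${DRONE_BRANCH}"]) {
  console.log(run(cmd));
}
```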

Question, is it possible to add a secret with multiple images?

drone secret add --repository project/myrepo --image "docker","random/image" --name sonar_host --value foo

Yes, like this: drone secret add --image=docker --image=random/image --image=foo/*

Perfect! Thanks a lot for the swift reply

One last question, is it possible to expose all secrets defined in a repository in a pipeline step a bit like this:

pipeline:
  docker:
    image: docker
    secrets: [ * ] // all secrets from the repo for the image docker
    commands:
    - "echo ${SONAR_HOST}"
    when:
      branch: [master, develop, release/*]

Or do I have to list them one by one?