Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Declaring a secret as an environement variable #136

Open
yacinelazaar opened this issue Dec 25, 2019 · 5 comments
Open

Declaring a secret as an environement variable #136

yacinelazaar opened this issue Dec 25, 2019 · 5 comments
Labels
documentation

Comments

@yacinelazaar
Copy link

Hi,

I'm trying to figure out how to load a password from the bundled file secret plugin from gocd into the yaml but so far no success.
Here is my approach:

environments:
  production:
    environment_variables:
      GIT_USER: yacine.laz
      GIT_PASSWORD: {{SECRET:[ci][git-password]}}
      REGISTRY_USER: yacine.laz
      REGISTRY_PASSWORD: "{{SECRET:[ci][registry-password]}}"
      REGISTRY: http://gitlab-registry
      REGISTRY_IMAGE: gitlab-registry.thinkpad.tld/yacine.laz/presentation-gitlab-k8s
    pipelines:
      - my-pipeline
pipelines:
  my-pipeline: # definition pipeline
    group: pipeline-group
    label_template: "${mygit[:8]}"
    locking: off
    materials:
      mygit:
        git: http://gitlab/yacine.laz/gocd-repo-test.git
        branch: master
        username: ${GIT_USER}
        password: ${GIT_PASSWORD}
...

According to gocd docs, I can reference the secret as an env variable or a parameter but I'm getting an error:

Error: pipeline.gocd.yml;
1. Line 5, column 19: Expected scalar, sequence, or mapping but found: mapping end

Does it need escaping or this simply does not work. If the latter, then what's the appropriate method to use password and secrets in the yml and be able to reference them.
@arvindsv
Copy link
Contributor

arvindsv commented Jan 2, 2020

Based on this message, I believe this is not an issue. Is that right?

@yacinelazaar
Copy link
Author

@arvindsv
Yes Indeed, Damn the single quotes:
Would help if there was an example for those in the docs.

environments:
  production:
    environment_variables:
      REGISTRY_USER: yacine.laz
      REGISTRY_PASSWORD: '{{SECRET:[ci][registry-password]}}'

@arvindsv
Copy link
Contributor

arvindsv commented Jan 2, 2020

I don't have access to accept it, but I'm sure a PR to the docs will be accepted. :)

@yacinelazaar
Copy link
Author

I will make some time for it in the weekend.

@arvindsv arvindsv mentioned this issue Jan 8, 2021
Closed
@dnewhook
Copy link

I got stung with referencing secrets in git materials today. Based on the example above - this was how we solved the issue... (GOCD 20.4.0.

environments:
  production:
    environment_variables:
      GIT_USER: yacine.laz
      REGISTRY_USER: yacine.laz
      REGISTRY_PASSWORD: '{{SECRET:[ci][registry-password]}}'
      REGISTRY: http://gitlab-registry
      REGISTRY_IMAGE: gitlab-registry.thinkpad.tld/yacine.laz/presentation-gitlab-k8s
    pipelines:
      - my-pipeline
pipelines:
  my-pipeline: # definition pipeline
    group: pipeline-group
    label_template: "${mygit[:8]}"
    locking: off
    materials:
      mygit:
        git: http://gitlab/yacine.laz/gocd-repo-test.git
        branch: master
        username: ${GIT_USER}
        password: "{{SECRET:[ci][git-password]}}"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
documentation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@arvindsv @yacinelazaar @tomzo @dnewhook