Reputation: 1409
access environment variables of drone in drone plugins
I am completely new to drone CI/CD. I am facing issue on passing environment variables to drone plugin. What i did upto now is
- I deployed drone docker image drone/drone:0.7 in one of my server (my.drone.com) (both server and agent working. bitbucket is integrated successfully) I followed this article: configre drone on ubuntu for setup.
- I activated one of my repo for CI/CD in drone admin app
- I added
.drone.ymlfile to project - I did setup automatic image build in
cloud.docker.comapp. Now i want to deploy that image to my other cloud server (my.app.com). So, I added applebody/drone-ssh to drone.yml to access that server - For this plugin to deploy to my server, it needs to access my server (
my.app.com) through ssh. - I can login to
my.app.comfrommy.drone.comserver - But i dont know how plugin can access my.app.com, I tried to pass my
my.drone.comprivate ssh key to plugin through environment varibles. But didn't workout. my drone's server and agent env file and.drone.ymlas follows:
.drone.yml
pipeline:
ssh:
image: appleboy/drone-ssh
host: my.app.com
user: root
key: $PLUGIN_SSH_KEY
script:
- ls
- cd apps
- docker pull drprasad/todo-app
- docker rm -f todo
- docker run -p 8080:8080 -d --name 'todo' drprasad/todo-app
notify:
image: plugins/slack
webhook: https://hooks.slack.com/services/token
channel: test
username: drone-is-flying
agent env file
DRONE_SECRET=my_drone_secret_key
DRONE_SERVER=ws://drone-server:8000/ws/broker
PLUGIN_SSH_KEY="-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAzMW5gU9I071UdnBDANbvuprd+1QwBEXWUq0gvi44ECUDZhzL
...............................................................
...............................................................
-----END RSA PRIVATE KEY-----"
server env
DRONE_SECRET=my_drone_secret_key
DRONE_HOST=my.drone.com:8082
DRONE_OPEN=true
DRONE_BITBUCKET=true
DRONE_BITBUCKET_CLIENT=my_bitbucket_client_token
DRONE_BITBUCKET_SECRET=my_bitbucket_secret_key
PLUGIN_SSH_KEY="-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAzMW5gU9I071UdnBDANbvuprd+1QwBEXWUq0gvi44ECUDZhzL
...............................................................
...............................................................
-----END RSA PRIVATE KEY-----"
How can pass PLUGIN_SSH_KEY variable (either from agent or server env file) to drone plugin ?? so that it can access my my.app.com server
Even I dont know my approach is correct or not. Please correct me if my approach is wrong.
Sorry for my bad english. Thanks
Upvotes: 1
Views: 7489
Answers (1)
Reputation: 2563
This is not supported syntax. The key value in your example is a Go string literal and therefore cannot evaluate a bash expression.
key: $PLUGIN_SSH_KEY
If you want to pass sensitive parameters (such as keys) to your build you can do so using the drone secret store [1]. You can upload secrets using the command line utility or in the user interface.
You can then pass those secrets to the plugin. Please see the official documentation [1] for a more in-depth explanation. Here is a brief example of how the syntax should look:
pipeline:
image: appleboy/drone-ssh
host: my.app.com
user: root
secrets: [ SSH_KEY ]
Note that the plugin expects the secret to be named SSH_KEY. The official documentation [1] describes what to do if the secret has a different name.
Further reading:
[1] http://docs.drone.io/manage-secrets/
[2] Drone CI does not see secret variables when using drone-email plugin
Upvotes: 2
Related Questions
- Drone CI - How to set pipeline env var to result of CLI output
- How to load environment variables from a dotenv file in Flyway?
- How to get drone environment variables in custom plugin?
- How can I pass a external environment variable to drone docker runner?
- Drone Invalid or missing pipeline section
- Drone replacing environment variables with empty strings
- Drone CI does not see secret variables when using drone-email plugin
- Installing a plugin into Drone CI (the Trigger plugin)
- How to get environment variable from Quasar Framework
- How to read environment variable set by envinject in Java?