Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Secret in Drone 1.0.0-rc.1 #130

Closed
SolT31 opened this issue Nov 18, 2018 · 13 comments
Closed

Secret in Drone 1.0.0-rc.1 #130

SolT31 opened this issue Nov 18, 2018 · 13 comments
Labels
question

Comments

@SolT31
Copy link

SolT31 commented Nov 18, 2018
edited
Loading

How to use secrets in script?
Drone version 1.0.0-rc.1

ssh:
    image: appleboy/drone-ssh
    host: host.com
    username: 
      from_secret: ssh_user
    password:
      from_secret: ssh_password
    port: 22
    script:
      - docker login -u ${DOCKER_USER} -p ${DOCKER_PASS} repo.com

Example from documentation does not work for version 1.0.0 rc.1
@appleboy
Copy link
Owner 

- name: ssh
  image: appleboy/drone-ssh
  settings:
    host: host.com
    username:
      from_secret: ssh_user
    password:
      from_secret: ssh_password
    port: 22
    script:
    - docker login -u ${DOCKER_USER} -p ${DOCKER_PASS} repo.com

see the plugins section of pipeline steps

kind: pipeline
name: default

steps:
- name: build
  image: golang
  commands:
  - go build
  - go test

- name: notify
  image: plugins/slack
  settings:
    room: general
    webhook: https://...

@SolT31
Copy link
Author

SolT31 commented Nov 18, 2018
edited
Loading

You do not understand me.

I need to read the secrets of the drone in the script block for authorization in my docker repository.

In Drone version 0.0.5, this worked with the ${DOCKER_PASS} construct.
In the version of Drone 1.0.0-rc.1, this does not work.

@coolyrat
Copy link

it would be great if add some example usage for 1.0.0. i am trying to pass secret into the executing script

image

@droplet-js
Copy link

I have the same problem.

- name: ssh-docker-host
  image: appleboy/drone-ssh
  settings:
    host: host.docker.internal
    port: 22
    username:
      from_secret: MAC_USER
    password:
      from_secret: MAC_PASSWORD
    script:
    - date -R
    - system_profiler SPSoftwareDataType
    - bash -lc 'security unlock-keychain -p ${MAC_PASSWORD} login.keychain'
    - bash -lc 'flutter --version'
    - date -R

Example from documentation does not work for version 1.0.0 rc.1

@droplet-js
Copy link

^_^ I have solved it.

- name: ssh-docker-host
  image: appleboy/drone-ssh
  environment:
    USERNAME:
      from_secret: MAC_USER
  settings:
    host: host.docker.internal
    port: 22
    username:
      from_secret: MAC_USER
    password:
      from_secret: MAC_PASSWORD
    envs: [ USERNAME ]
    script:
    - date -R
    - system_profiler SPSoftwareDataType
    - bash -lc 'flutter --version'
    - echo $USERNAME
    - echo $${USERNAME}
    - date -R

@SolT31 SolT31 closed this as completed Dec 3, 2018
@coltenkrauter
Copy link

@v7lin
Can you please help me? I cannot get secrets to work in scripts...
I created a secret names test and I am trying to use it in ssh command.
This is what I have tried:

- name: Deploy gateway-service
  image: plugins/ssh
  environment:
    TEST:
      from_secret: test
  settings:
    host: coltenkrauter.com
    ssh_key: 
      from_secret: ssh_key
    port: 22
    envs: [TEST]
    script:
      - cd /home/ubuntu
      - echo test
      - echo TEST
      - echo $test
      - echo $${test}
      - echo "$test"
      - echo "$${test}"
      - echo $TEST
      - echo $${TEST}
      - echo "$TEST"
      - echo "$${TEST}"
      - pwd
      - whoami

@droplet-js
Copy link

droplet-js commented Dec 13, 2018
edited
Loading

@coltenkrauter
plugins/ssh -> appleboy/drone-ssh

@coltenkrauter
Copy link

That did it, thanks @v7lin

@appleboy appleboy mentioned this issue Mar 6, 2019
Closed
@DNajjarzade DNajjarzade mentioned this issue Apr 23, 2019
Closed
@leafney
Copy link

leafney commented Jun 27, 2019

thanks @v7lin ,the envs is the key.

@lkqm
Copy link

lkqm commented Oct 12, 2019

I have a similar problem, echo secret var like *******, causes docker login password error,
and test other when secret value euqals drone secret it's will replaced ******:

using drone v1.6.0:

.drone.yml:

- name: deploy
  image: appleboy/drone-ssh
  environment:
    DOCKER_USER: mmd
    DOCKER_PASS:
      from_secret: docker_pass
  settings:
    host: mario6.me
    port: 6722
    username:
      from_secret: ssh_user_host1
    password:
      from_secret: ssh_pass_host1
    command_timeout: 2m
    envs: [ DOCKER_USER, DOCKER_PASS ]
    script:
      - export DOCKER_REGISTRY=registry.cn-chengdu.aliyuncs.com
      - export DOCKER_IMAGE=registry.cn-chengdu.aliyuncs.com/lkqm/paper-show:${DRONE_TAG=latest}
      - export DOCKER_REGISTRY_USER=$DOCKER_USER
      - export DOCKER_REGISTRY_PASS=$DOCKER_PASS
      - export PATH=/usr/local/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin
      - echo $DOCKER_USER
      - echo ${DOCKER_USER}
      - echo $${DOCKER_USER}
      - echo $DOCKER_PASS
      - echo ${DOCKER_PASS}
      - echo $${DOCKER_PASS}

      - sh /tmp/paper-show/drone/deploy.sh
  when:
    event:
      - tag

build result:
image

@appleboy
Copy link
Owner

@lkqm Do you want to upload docker image to aliyuncs?

@lkqm
Copy link

lkqm commented Oct 12, 2019

No, I need pull docker image from aliyuncs private repository in remote ssh host, so I need password to login aliyuncs registry.
不是的,我需要在远程主机上从阿里云私有仓库拉去docker镜像, 所以我需要密码登录镜像中心

@lkqm
Copy link

lkqm commented Oct 13, 2019

@appleboy so sorry, I am try again, it's work now, may be is password wrong

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@appleboy @coolyrat @droplet-js @leafney @coltenkrauter @SolT31 @lkqm