Author: Robert Kaussow <mail@geeklabor.de>
Date:   Thu Jan 14 11:26:06 2021 +0100

    add option DRONE_DATABASE_SECRET to enable secrets encryption in db
This commit is contained in:
Robert Kaussow 2021-01-14 10:31:17 +00:00
parent 1e9124ef51
commit 41c108e063

View File

@ -13,6 +13,7 @@ Setup [Drone CI](https://drone.io/) base server. Drone is a Continuous Delivery
* [droneci_db_name](#droneci_db_name) * [droneci_db_name](#droneci_db_name)
* [droneci_db_password](#droneci_db_password) * [droneci_db_password](#droneci_db_password)
* [droneci_db_port](#droneci_db_port) * [droneci_db_port](#droneci_db_port)
* [droneci_db_secret](#droneci_db_secret)
* [droneci_db_server](#droneci_db_server) * [droneci_db_server](#droneci_db_server)
* [droneci_db_ssl_mode](#droneci_db_ssl_mode) * [droneci_db_ssl_mode](#droneci_db_ssl_mode)
* [droneci_db_type](#droneci_db_type) * [droneci_db_type](#droneci_db_type)
@ -91,6 +92,22 @@ droneci_db_password: secure
droneci_db_port: 5432 droneci_db_port: 5432
``` ```
### droneci_db_secret
Drone supports aesgcm encryption of secrets stored in the database. You must enable encryption before any secrets are stored in the database! You can generate an encryption key with e.g. `openssl rand -hex 16`.
#### Default value
```YAML
droneci_db_secret: _unset_
```
#### Example usage
```YAML
droneci_db_secret: 0c549fd39ae397333761d2cb0c53c219
```
### droneci_db_server ### droneci_db_server
#### Default value #### Default value