From c0e63defcd73e25f644a6bb61486bfa17678580b Mon Sep 17 00:00:00 2001 From: "Edwin.Avalos" Date: Fri, 23 Dec 2016 09:03:01 -0600 Subject: [PATCH] Implement exportSecrets Allows us to set environment variables that could be the named the same between multiple steps, but have different values due to enivronmental differences. This is a redo of #28 because I'm bad at git. The secrets are exported so that they can be used in any other flag in this plugin. --- DOCS.md | 23 +++++++++++++++++++++++ plugin.go | 11 +++++++++++ 2 files changed, 34 insertions(+) diff --git a/DOCS.md b/DOCS.md index 83a95c3..8f7f435 100644 --- a/DOCS.md +++ b/DOCS.md @@ -187,3 +187,26 @@ pipeline: app_version: 1.0.0 parallelism: 2 ``` + +## Remote configuration + +If you are configuring an s3 remote state and require S3 environment secrets you add the secrets "FOO" and "BAR" to your drone environment and reference the secrets as follows. These will not be outputted to stdout. + +```yaml +pipeline: + terraform: + image: jmccann/drone-terraform:0.5 + plan: false + remote: + backend: S3 + config: + bucket: my-terraform-config-bucket + key: tf-states/my-project + region: us-east-1 + vars: + app_name: my-project + app_version: 1.0.0 + secrets: + AWS_ACCESS_KEY_ID: FOO + AWS_SECRET_ACCESS_KEY: BAR +``` diff --git a/plugin.go b/plugin.go index 818b291..3ad641b 100644 --- a/plugin.go +++ b/plugin.go @@ -44,6 +44,11 @@ func (p Plugin) Exec() error { } var commands []*exec.Cmd + + if len(p.Config.Secrets) != 0 { + exportSecrets(p.Config.Secrets) + } + remote := p.Config.Remote if p.Config.Cacert != "" { commands = append(commands, installCaCert(p.Config.Cacert)) @@ -94,6 +99,12 @@ func installCaCert(cacert string) *exec.Cmd { ) } +func exportSecrets(secrets map[string]string) { + for k, v := range secrets { + os.Setenv(fmt.Sprintf("%s", k), fmt.Sprintf("%s", os.Getenv(v))) + } +} + func deleteCache() *exec.Cmd { return exec.Command( "rm",