https://github.com/fixate/drone-secrets

Easily manage drone build server secrets with a manifest file
https://github.com/fixate/drone-secrets

drone drone-secrets manifest

Last synced: 2 months ago
JSON representation

Easily manage drone build server secrets with a manifest file

• Host: GitHub
• URL: https://github.com/fixate/drone-secrets
• Owner: fixate
• Created: 2017-08-29T17:51:43.000Z (over 7 years ago)
• Default Branch: master
• Last Pushed: 2019-07-10T17:41:39.000Z (almost 6 years ago)
• Last Synced: 2025-01-04T08:37:48.789Z (4 months ago)
• Topics: drone, drone-secrets, manifest
• Language: Go
• Homepage:
• Size: 3.95 MB
• Stars: 2
• Watchers: 4
• Forks: 1
• Open Issues: 2
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# Drone Secrets

Will set secrets from a yaml manifest on your drone server.

### Motivation

Currently, there is no simple declaritive way to manage many drone secrets. It's a hassel and error prone to use `drone-cli` to set secrets per repo, per image in bulk. A shell script quickly becomes unwieldy. With `drone-secrets` you can create a yaml manifest to clearly define your configuration for your repos, per image. Common configuration can be set for multiple repos to keep things DRY. If you need to restore your secrets (say if you mistakenly deleted your repo), you have a way to quickly set all the required configuration. The manifest(s) can be kept in source control.

### Install:

See [releases](https://github.com/fixate/drone-secrets/releases/latest) or build repo using `make build` or `make builddev`

TODO:

- Use CI for github releases for multiple targets

- Make go get work to fetch the command (If people start caring

		about this project I'll take things further)

## Configuration

Put this in your shell environment (probably `.bashrc`)

```shell

export DRONE_SERVER=


export DRONE_TOKEN= token)>

```


### Usage:

```shell

drone-secrets apply -f manifest.yml

```

*manifest.yml*

```yaml

---

# Comma delimited or list accepted syntax accepted for repo, value, events and images

- repo: my/repo, my/other-repo

  secrets:

  # Set for my/repo and my/other-repo

  - name: MY_SECRET

    value: 12345

  - name: SLACK_WEBHOOK

    value: abcde

    # Default events are push, tag, deployment

    events: push,tag

    image: plugins/slack

- repo: 

    - my/repo

    - yet/another/repo

  secrets:

  # Setting value to a list	  

  - name: PLUGINS_ENVIRONMENT_VARIABLES

    events: 

      - push

      - tag

    # List types are converted to a comma delimited string

    value:

      - PORT=1234

      - SECRET_TOKEN=abcd1234

    # Same as:

    # value: PORT=1234,SECRET_TOKEN=abcde1234,...

    images: 

      - plugins/ecs

      - plugins/ecs:*

```

## TODO:

- Tests 

- Optionally clean secrets not in manifest