{"id":3584,"date":"2016-07-01T13:50:20","date_gmt":"2016-07-01T19:50:20","guid":{"rendered":"http:\/\/benincosa.com\/?p=3584"},"modified":"2016-07-01T13:51:18","modified_gmt":"2016-07-01T19:51:18","slug":"drone-secrets","status":"publish","type":"post","link":"https:\/\/benincosa.com\/?p=3584","title":{"rendered":"Drone Secrets"},"content":{"rendered":"<p>I was really happy to see the <a href=\"http:\/\/readme.drone.io\/usage\/secrets\/\">Drone Secret&#8217;s<\/a> page describe how to put secrets in a .drone.yml file. \u00a0Checking passwords into repositories is a big no-no.<\/p>\n<p>Still, there were some clarity in the docs I would have liked. \u00a0Here&#8217;s step by step.<\/p>\n<p>1. <a href=\"http:\/\/readme.drone.io\/devs\/cli\/\">Install drone<\/a><\/p>\n<p>Yep. This is the mac client. \u00a0I did the manual way<\/p>\n<pre class=\"lang:sh decode:true \">curl http:\/\/downloads.drone.io\/drone-cli\/drone_darwin_amd64.tar.gz | tar zx\r\nsudo cp drone \/usr\/local\/bin<\/pre>\n<p>2. \u00a0Set environment variables<\/p>\n<p>You have Drone up, set the following in your .bash_profile or .login<\/p>\n<pre class=\"lang:sh decode:true \">export DRONE_SERVER=http:\/\/10.93.234.142\r\nexport DRONE_TOKEN=asdf23r213rrrawerqwerqwer....<\/pre>\n<p>The DRONE_TOKEN you can get by logging into drone and clicking on your profile. \u00a0The settings area has that.<\/p>\n<p>3. \u00a0Create the secrets.yml file as shown in the docs.<\/p>\n<p>4. \u00a0Convert and check in!<\/p>\n<pre class=\"lang:sh decode:true \">drone secure  --repo CiscoPipeline\/kong-frontend --in secrets.yml --out .drone.sec\r\ngit add .drone.sec\r\ngit commit -am \"added drone secrets\"\r\ngit push<\/pre>\n<p>5. \u00a0Secrets can be accessed in the .drone.yml file with the $${VARIABLE}<\/p>\n<p>The example below shows the QUAY_PASSWD variable.<\/p>\n<pre class=\"lang:sh decode:true \">publish:\r\n  docker:\r\n    registry: quay.cisco.com\r\n    username: vbeninco\r\n    password: \"$${QUAY_PASSWD}\"\r\n    email: vbeninco@cisco.com\r\n    repo: ciscopipeline\/kong-frontend\r\n    tag: \r\n      - \"$${BUILD_NUMBER}\"\r\n      - latest<\/pre>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I was really happy to see the Drone Secret&#8217;s page describe how to put secrets in a .drone.yml file. \u00a0Checking passwords into repositories is a big no-no. Still, there were some clarity in the docs I would have liked. \u00a0Here&#8217;s step by step. 1. Install drone Yep. This is the mac client. \u00a0I did the&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[818,638,606],"tags":[830,838,839],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/benincosa.com\/index.php?rest_route=\/wp\/v2\/posts\/3584"}],"collection":[{"href":"https:\/\/benincosa.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/benincosa.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/benincosa.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/benincosa.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3584"}],"version-history":[{"count":1,"href":"https:\/\/benincosa.com\/index.php?rest_route=\/wp\/v2\/posts\/3584\/revisions"}],"predecessor-version":[{"id":3585,"href":"https:\/\/benincosa.com\/index.php?rest_route=\/wp\/v2\/posts\/3584\/revisions\/3585"}],"wp:attachment":[{"href":"https:\/\/benincosa.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3584"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/benincosa.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3584"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/benincosa.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3584"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}