Hello Team,
I have requirement to add the vault secret name during run time from custom file. Expecting to get the secret value from those vault secrets.
- I already have pipeline.yml file and static vault working as expected.
agents:
queue: docker
steps:
- label: 'Get Delta files and deploy artifacts'
env:
BUILDKITE_VAULT_SECRET: "secrets_1,secrets_2"
commands:
- echo "$BUILDKITE_VAULT_SECRET_1"
- echo "$BUILDKITE_VAULT_SECRET_2"
- Wanted to add some more secrets during run time. Can we have shell script to load those secrets.
#!/bin/bash
set -eu
printf "Executing the pipeline.sh"
# If you build HEAD the pipeline.sh step, because it runs first, won't yet
# have the updated commit SHA. So we have to figure it out ourselves.
if [[ "${BUILDKITE_COMMIT:-HEAD}" == "HEAD" ]]; then
commit=$(git show HEAD -s --pretty='%h')
else
commit="${BUILDKITE_COMMIT}"
fi
# We have to use cat because pipeline.yml $ interpolation doesn't work in YAML
# keys, only values
cat <<YAML
agents:
queue: docker
steps:
- label: 'Dynamic Vault Read'
env:
BUILDKITE_VAULT_SECRET: "secret_3,secret_4.....n"
commands:
- echo "Printing from Dynamic Vault Read"
YAML
I have tried with above pipeline yml and shell script. But shell script vault is not loading as expected.