Hello,
I have setup the AWS CI stack and have got it all working (as well as adding an “environment” file in the secrets S3 bucket). However, although I can see in the build logs “Fixing permissions …” it says the var was added, example “MY_KEY added”, it is not accessible from a build step which is running a script.
I have managed to do a workaround which adds an empty env var to my pipeline.yaml and this works as in it gets overrided with the value defined in the s3 file, but I feel like I shouldn’t need to do this and that all secrets/vars added in the environment file should be accessible.
env:
MY_KEY: ""
Is there something I am doing wrong, or extra I need to do? Here’s the pipeline.yaml
common:
docker-login: &dockerLogin
docker-login#v3.0.0:
propagate-environment: true
mount-buildkite-agent: true
username: "n/a"
password-env: ACCESS_TOKEN
server: registry-link
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
env:
IMAGE_TAG: "${BUILDKITE_BRANCH}_${BUILDKITE_BUILD_NUMBER}"
MY_KEY_EXAMPLE: ""
steps:
- label: ":docker: Build & Push to Registry"
key: build_push
command: .buildkite/scripts/build-push.sh
plugins:
- *dockerLogin
- label: ":k8s: Deploy to Kubernetes"
depends_on: build_push
# Added /bin/bash as a workaround for now, since normally it fails (perm denied).
command: /bin/bash .buildkite/scripts/deploy-helm.sh
plugins:
- *dockerLogin
- docker#v3.0.0:
image: my-registry/helm-helpers:0.1.0
propagate-environment: true
always-pull: true
