vault-test/.woodpecker.yml
igor 903ad98289
Fix: use awk instead of jq/python
2026-03-16 23:20:03 +00:00


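# Woodpecker pipeline: log in to Vault with AppRole, write the KV data stored
# at projects/test/demo to .env.vault as shell `export` lines, then load that
# file in a later step.
steps:
  - name: fetch-secrets
    # NOTE(review): `latest` is a moving tag. Pin a reviewed version or image
    # digest so the step that handles the AppRole credentials runs a known
    # image.
    image: hashicorp/vault:latest
    environment:
      VAULT_ADDR:
        from_secret: vault_addr
      VAULT_ROLE_ID:
        from_secret: vault_role_id
      VAULT_SECRET_ID:
        from_secret: vault_secret_id
    commands:
      # Assign first, export second: `export VAR=$(cmd)` returns the status of
      # `export`, so a failed login would not fail the command and the
      # "Auth successful" line would be printed anyway.
      - VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
      - export VAULT_TOKEN
      - echo "Auth successful"
      # Create .env.vault readable by the owner only.
      - umask 077
      # Convert the "Data" table into `export KEY='VALUE'` lines.
      #  - Keys that are not plain shell identifiers are skipped, so a key
      #    name cannot inject syntax into the file that is sourced later.
      #  - The value is the rest of the row (not just the second field) and is
      #    single-quoted, with embedded single quotes rewritten as '"'"', so
      #    the sourcing shell treats it as data and never expands or runs it.
      # NOTE(review): the table format is lossy (leading spaces and multi-line
      # values are not preserved); a JSON-based export would be more robust if
      # a parser is available in the image.
      - |
        vault kv get -format=table projects/test/demo | awk -v q="'" -v dq='"' '
          /^====== Data/,0 {
            key = $1
            if (key == "" || key == "======" || key == "Key" || key == "---") next
            if (key ~ /[^A-Za-z0-9_]/ || key ~ /^[0-9]/) next
            val = $0
            sub(/^ *[^ ]+ */, "", val)
            gsub(q, q dq q dq q, val)
            print "export " key "=" q val q
          }' > .env.vault
      # The pipeline status is awk's, so a failed `vault kv get` would
      # otherwise leave an empty file and a green step.
      - test -s .env.vault
      # List key names only. Printing the file would put every secret value
      # in the build log; these values were not loaded through from_secret.
      - echo "Fetched secret names (values are not printed):"
      - sed -e 's/^export //' -e 's/=.*//' .env.vault
  - name: use-secrets
    # NOTE(review): unpinned image; pin a version or digest here as well.
    image: alpine
    commands:
      # POSIX spelling of `source`; the path is explicit so the file is never
      # looked up through PATH.
      - . ./.env.vault
      - echo "APP_NAME=$APP_NAME"
      - echo "DB_HOST=$DB_HOST"
      # Only the length is printed, never the value.
      - echo "DB_PASS length=$(printf %s "$DB_PASS" | wc -c) chars"
      # NOTE(review): .env.vault holds the secrets in plaintext and stays in
      # the workspace for every later step; remove it once the last consumer
      # has run.
      - echo "Secrets are available in any step via .env.vault"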