Docker

Secret Environment Variables with Drone


This is a basic tutorial on adding environment variables inside your public github repo without letting everyone know your true values. Drone will encrypt your values, and the file .drone.sec will store the encrypted variables.

1. Log into Drone and view/activate your Repo
2. Click on the “Secrets” tab.

Insert your environment variables in YAML format and click Generate

1
2
3
4
environment:
  - DBUSER: root
  - DBPASSWORD: password123
  - DBDATABASE: newdatabase

secret1

3. Create a new file called .drone.sec

Insert the encrypted text that drone rendered for you. This file should be in root directory, next to .drone.yml

4. Inside your .drone.yml config

Insert and match the environment variables as shown

1
2
3
4
5
build:
  environment:
    - DBUSER=$$DBUSER
    - DBPASSWORD=$$DBPASSWORD
    - DBDATABASE=$$DBDATABASE
Commit and Push your code

Drone will include the environment variables so you can have a public repo, without worrying about your database password being stolen.


View Comments
There are currently no comments.