Use Gitlab CI/CD variables in YAML file - yaml

I have got a YAML configuration file in which I need to store an API key. As I do not want to commit my API Key to my Repo I figured a Gitlab CI/CD variable would be a good option. I have configured the variable in the Gitlab UI to be:
TOKEN = "123"
My .gitlab.ci.yml file contains:
image:
name: xxx
variables:
P_TOKEN: ${TOKEN}
And my YAML file has:
spec:
command: test.sh
env_vars:
- TOKEN=${P_TOKEN}
But it just sets TOKEN in the YAML file to ${P_TOKEN} instead of the contents of ${P_TOKEN}. If I echo out my variables in my CI/CD pipeline it is set correctly.

So your YAML file is actually a template for a YAML file. You'd need to run some sort of template engine on top of it to have your ${P_TOKEN} placeholder replaced.
A very simple example using sed that might suffice for your use case:
sed -i "s/\${P_TOKEN}/$TOKEN/" your_file.yaml

Related

Best way to migrate the ansible group_var file to a simple environment variables in shell script

I am trying to migrate from Ansible to a simple GitLab Helm installation. As a part of the ansible playbook, there was a group_var file containing a bunch of template variables which were replaced in the template files with ansible task. I am trying to find a better way to handle this in the shell script. Simple key values are easy to replace but it has some lists too.
Has anyone done anything similar ? I am leaning towards exporting them to environment variables and running envsubst command on the helm values files.
Sample file:
redis-url: url
search-host: host_name
search-port: 9090
rate_limit_external_gateway_max: 6
rate_limit_external_gateway_headers: true
rate_limit_external_gateway_test_mode: true
rate_limit_external_gateway_black_list_headers: [
X-RateLimit-Limit,
X-RateLimit-Remaining,
X-RateLimit-Reset
]
hosts:
- x.domain.com
- y.domain.com
- z.domain.com

How do I connect .env file to config.yml?

I'm currently building a Shopify store and would like to use env variables in Themekit's config.yml file. What I'm confused about is how to connect the .env file to the yml file, since I don't think you can just require dotenv. I have my .env file, and the code below in the config.yml. Thanks!
password: ${DEV_PASSWD}
theme_id: ${DEV_THEMEID}
store: ${DEV_SHOP}
You can't include .env file inside a YAML one. However, you can interpolate variables into your config.yml file using the ${} notation.
To help you interpolate variables, there are special files that can be used to automatically to load environment variables for Theme Kit. The following table lists the file paths for each operating system:
macOs: ${HOME}/Library/Application Support/Shopify/Themekit/variables
Linux/BSD: ${XDG_CONFIG_HOME}/Shopify/Themekit/variables
Windows: %APPDATA%\Shopify\Themekit\variables
Even more, you can use the --vars flag in any command to provide a path to a file for loading variables. The variables file has the same format as most .env type files. But note, the .env file is not interpolated by YAML itself and it cannot be connected using standard YAML include directives. All magic is provided exclusively by shopify and its --vars flag.

Curly braces in a YAML file

I've found the following .travis.yml template.
I've noticed this:
repo: {GITHUB_USER}/{PROJECT_NAME}
Is this a special .yml variable syntax I'm not familiar with? Where can I set these values (GITHUB_USER, PROJECT_NAME)?
I know I can use environment variables, like so:
repo: $GITHUB_USER/$PROJECT_NAME
but this syntax looks different.
That is not a valid YAML file. After the first } the YAML parser will expect a block style continuation. This means either a key that aligns with repo or outdenting. Instead it finds a / and any YAML parser should throw an error on that.
This looks like a template for a YAML file, e.g. using something like the following in Python after loading the contents of the file in string templ:
templ.format(**dict(GITHUB_USER="Janez", PROJECT_NAME="test"))
On the other hand the recommended extension for YAML files has been .yaml for many more years than Travis exists, so maybe that is why they used the .yml extension.

Is there any way to use dotenv with Bitbucket Pipelines?

As the title says, is there any way to use dotenv with Bitbucket Pipelines for CI purposes, while still adding the (perhaps multiple) (.stage).env to .gitignore?
I know Pipeline supports environment variables, and that they can be referenced in bitbucket-pipelines.yml, but I can't figure out how to use dotenv files instead, and vary which file to use based on i.e. branch patterns.
For example, I'd like commits to develop to use .test.env variables, while commits to master instead uses the variables from .prod.env.
Perhaps I'm going down the wrong path? Although other websites use examples of multiple .env files, the library authors discourage that approach. I'm using Zeit Now for hosting, so I can't just SSH a .env file onto the server.
Any advice is very welcome :-)
Create a base64 string out of your .env file. Then copy this string into your environment variables of your pipeline, see here: https://confluence.atlassian.com/bitbucket/environment-variables-794502608.html
For example, your content is now defined in APP_ENV, then you can use this line in your pipeline configuration file:
echo $APP_ENV | base64 --decode --ignore-garbage > ./www/.env
Now it is save because nobody knows your secrets in this file except your pipeline container itself.
This method could be used for all .env-files, also staging files. :)
Rename the files inside your develop pipelines:
mv .test.env .env
or in your master pipelines:
mv .prod.env .env

Register a list of variables from file in ansible

I have a file /tmp/components_list with a content like this:
ComponentA: '1263'
ComponentB: '989'
ComponentC: '1354'
I want to register variables in ansible (without quotes), according to the content of file and use them in the yml code.
So, as a result I need something like that:
- name: Get variables from file
Some actions with a file /tmp/components_list
- name: Using these variables
shell: docker run --name component artifactory:5100/radware/Component:{{ComponentA}}
So it should be a number in the variable ComponentA.
How can I do it by using ansible? Thanks!
You can use include_vars statement, see also How to include vars file in a vars file with ansible?

Resources