This repository has been archived on 2024-04-08. You can view files and clone it, but cannot push or open issues or pull requests.
dagger/docs/core-concepts/1204-secrets.md
user.email d20ffbe8be website: hardcode version banner for 0.1 docs
O.1 docs is deprecated. Let's inform user to switch the the latest version

Signed-off-by: user.email <jf@dagger.io>
2022-04-13 15:58:51 +02:00

1.1 KiB
Raw Blame History

slug displayed_sidebar
/1204/secrets 0.2

How to use secrets

Most operations in client support handling secrets (see Interacting with the client). More specifically, you can:

  • Write a secret to a file;
  • Read a secret from a file;
  • Read a secret from an environment variable;
  • Read a secret from the output of a command;
  • Use a secret as the input of a command.

Environment

The simplest use case is reading from an environment variable:

dagger.#Plan & {
    client: env: GITHUB_TOKEN: dagger.#Secret
}

File

You may need to trim the whitespace, especially when reading from a file:


SOPS

Theres many ways to store encrypted secrets in your git repository. If you use SOPS, here's a simple example where you can access keys from an encrypted yaml file:

myToken: ENC[AES256_GCM,data:AlUz7g==,iv:lq3mHi4GDLfAssqhPcuUIHMm5eVzJ/EpM+q7RHGCROU=,tag:dzbT5dEGhMnHbiRTu4bHdg==,type:str]
sops: ...