Closed Daxcor69 closed 3 years ago
I use git-crypt to unlock repos inside Docker containers running in GitLab CI runners (self hosted and shared) all the time. This project itself isn't really responsible for that end of things though, the usage in that case is pretty much just like it is in your own host computer.
git-crypt binary.
It's really hard to tell you what to do in your .gitlab-ci.yml or similar because there are so many ways to implement pipelines and pull tools and secrets together. You really need to understand what the rest of your project does and design the workflow around that, then figure out where you need the secrets and what the best injection point is. GitLab CI has a way to pass secret env vars to runners that you can use to unlock private keys and thus enable access to GPG keys or whatever else.
The workflow file you show above doesn't seem to accomplish anything and I can't figure out what step you are even trying to solve. You're building some docker image, but why? Because it has the tooling for your project? Because your project is a container? Because you want to build a containerized tool to manage your secrets? Until we know better what stage of the problem you are even trying to solve it's not really possible to recommend a solution.
Ok first off I love this product. Thank you.
I am on a steep learning curve but making headway. I am using GitLab to store my repo, I have a pipeline that builds my docker image. I can't for the life of me figure out how to edit the pipeline to unlock the files during the build. Here is a template that I am using to build the image. Btw, I am using just the simple key file, for the key. This is using the shared runner on GitLab. I am guessing I have to add something to the docker build line. Thank you again for any help you can provide.
Brad
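
An added example, not from this thread or from the git-crypt project: one way a CI job could take the simple key file from a secret CI variable, as the reply above suggests, and unlock the checkout before the `docker build` step. The variable name `GIT_CRYPT_KEY_B64` and both function names are assumptions; the value is assumed to be the base64 of the key file written by `git-crypt export-key`.

```shell
#!/bin/sh
# Added example (not the project's own code).
# GIT_CRYPT_KEY_B64 is a hypothetical secret CI variable holding the
# base64-encoded key file produced by `git-crypt export-key`.

# Decode the key into a private temp file and print the file's path.
write_key_from_env() {
    if [ -z "${GIT_CRYPT_KEY_B64:-}" ]; then
        echo "GIT_CRYPT_KEY_B64 is not set" >&2
        return 1
    fi
    key_file=$(mktemp) || return 1
    chmod 600 "$key_file"    # owner-only, whatever the runner's umask is
    if ! printf '%s' "$GIT_CRYPT_KEY_B64" | base64 -d > "$key_file" 2>/dev/null \
        || [ ! -s "$key_file" ]; then
        rm -f "$key_file"
        echo "GIT_CRYPT_KEY_B64 could not be decoded" >&2
        return 1
    fi
    printf '%s\n' "$key_file"
}

# Unlock the current checkout, then delete the key file whether or not
# the unlock succeeded, so it never lands in the docker build context.
unlock_repo() {
    key_file=$(write_key_from_env) || return 1
    status=0
    git-crypt unlock "$key_file" || status=$?
    rm -f "$key_file"
    return "$status"
}

# Only act when asked to, e.g. `sh unlock.sh --unlock` in the job script.
if [ "${1:-}" = "--unlock" ]; then
    unlock_repo
fi
```

The key exists on disk only between the decode and the `rm`, and it is written outside the repository, so it is not copied into the image by a later `docker build .`.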