search

appleboy / drone-ssh

Drone plugin for executing remote ssh commands
MIT License
251 stars 74 forks source link

Environment variables correct usage #193

Closed DennisGaida closed 1 year ago

DennisGaida commented 2 years ago

I have found this issue: https://github.com/appleboy/drone-ssh/issues/135 and worked from there, I couldn't find this information in the DOCS: https://github.com/appleboy/drone-ssh/blob/master/DOCS.md

I'm trying to pass a variable to the script. The current configuration works for me, I just don't know whether this is "best practice" or how to improve:

[...]
  image: appleboy/drone-ssh
  environment:
    FOO:
      from_secret:  FOO
  settings:
    [...]
    envs:
      - foo
    script:
      - echo "Starting script on '$(hostname)' in '$FOO'"

Instead of environment > from_secret I can also define the env var like so: FOO: BAR.

This seems kind of redundant using environment and envs, both defining "foo" or "FOO". Do I need both? I mean this currently works, it just looks weird in my eyes.

DennisGaida commented 2 years ago

Also I have no clue how to pass environment variables to the plugin when directly running it:

Looking at https://github.com/appleboy/drone-ssh/blob/master/main.go I should be able to use PLUGIN_ENVS or INPUT_ENVS to set environment variables, but I can't get it to work.~~

docker run --rm \
  -e PLUGIN_HOST=foo.com \
  -e PLUGIN_USERNAME=root \
  -e PLUGIN_KEY="$(cat ${HOME}/.ssh/id_rsa)" \
  -e PLUGIN_SCRIPT=whoami \
  -e PLUGIN_DEBUG=1 \
  -e PLUGIN_ENVS="{'FOO':'BAR'}" \
  -v $(pwd):$(pwd) \
  -w $(pwd) \
  appleboy/drone-ssh

the ====ENV=== section is always empty.

EDIT: Got it working because I checked out the test: https://github.com/appleboy/drone-ssh/blob/471976f1d89f9ce4b466afdf05f8dd7b79b28656/plugin_test.go

  1. You have to set an environment variable (e.g. "FOO=BAR")
  2. You reference that evironment variable in PLUGIN_ENVS or INPUT_ENVS

So the following works:

docker run --rm \
  -e PLUGIN_HOST=foo.com \
  -e PLUGIN_USERNAME=root \
  -e PLUGIN_KEY="$(cat ${HOME}/.ssh/id_rsa)" \
  -e PLUGIN_SCRIPT=whoami \
  -e PLUGIN_DEBUG=1 \
  -e FOO=BAR
  -e PLUGIN_ENVS="foo" \
  -v $(pwd):$(pwd) \
  -w $(pwd) \
  appleboy/drone-ssh

[...] output:
======ENV======
FOO='BAR'
======END======

You want multiple environment variables? Define then normally, then just comma separate them in PLUGIN_ENVS. Capitalization doesn't matter:

docker run --rm \
  -e PLUGIN_HOST=foo.com \
  -e PLUGIN_USERNAME=root \
  -e PLUGIN_KEY="$(cat ${HOME}/.ssh/id_rsa)" \
  -e PLUGIN_SCRIPT=whoami \
  -e PLUGIN_DEBUG=1 \
  -e FOO=BAR
  -e BAZ=QUX
  -e PLUGIN_ENVS="foo,BAZ" \
  -v $(pwd):$(pwd) \
  -w $(pwd) \
  appleboy/drone-ssh

[...] output:
======ENV======
FOO='BAR'
BAZ='QUX'
======END======

The weird thing is that the SSH_ORIGINAL_COMMAND seems to now be all of those environment variables concatenated together:

SSH_ORIGINAL_COMMAND=FOO='BAR'
BAZ='QUX'
whoami
CHunYenc commented 2 years ago

Thanks @DennisGaida.

the code can work for me !

steps:
  - name: ssh
    image: appleboy/drone-ssh
    environment:
      PLUGIN_ENVS: SECRET_KEY, REDIS_HOST, REDIS_PORT
      SECRET_KEY:
        from_secret: SECRET_KEY
      REDIS_HOST:
        from_secret: REDIS_HOST
      REDIS_PORT:
        from_secret: REDIS_PORT
    settings:
      host:
        from_secret: ssh_host
      username:
        from_secret: ssh_username
      password:
        from_secret: ssh_password
      port:
        from_secret: ssh_port
      command_timeout: 10m
      script:
        - echo SECRET_KEY = $${SECRET_KEY} > backend/.env
        - echo REDIS_HOST = $${REDIS_HOST} >> backend/.env
        - echo REDIS_PORT = $${REDIS_PORT} >> backend/.env
        - cat backend/.env