josmo / drone-ecs

Drone plugin for triggering Amazon EC2 Container Service (ECS) deployments
Apache License 2.0

Unable to use/inject secrets as environment variables #42

Closed willvincent closed 4 years ago

willvincent commented 4 years ago

The main reason I opted for this plugin vs the other ecs plugin was that it appeared more complete, and that it clearly indicates the ability to inject secrets as environment variables.

I am, however, completely unable to do so. Ideally I want to pull secrets from AWS Secrets Manager, for which I have everything necessary configured on the Drone server, and I can pull secrets via the CLI tool. However, within the config for this plugin, whether I try to use secret_environment_variables or just environment_variables, and whether the secret is coming from the Amazon Secrets Manager external secrets source or the built-in Drone repo secrets config, no matter what I try the value is always an empty string.

```yaml
---
kind: secret
name: STG_NODE_ENV
get:
  path: xxxx/staging
  name: NODE_ENV
```

That ought to be available as STG_NODE_ENV so I would think I should be able to do either of these:

```yaml
environment_variables:
  - NODE_ENV=${STG_NODE_ENV}
```

or:

```yaml
secret_environment_variables:
  - NODE_ENV=STG_NODE_ENV
```

Neither works; the same thing always ends up defined in the ECS task definition:

```
Environment: [{
  Name: "NODE_ENV",
  Value: ""
}],
```

I'm dead in the water if I can't populate environment variables!

willvincent commented 4 years ago

SOLVED --

The missing bit to get this working properly is pulling the variables into the step environment using the Drone 1.0 from_secret syntax.

i.e.:

```yaml
steps:
  - name: ecs
    image: peloton/drone-ecs
    environment:
      APP_KEY:
        from_secret: APP_KEY
    settings:
      secret_environment_variables:
        - APP_KEY

---
kind: secret
name: APP_KEY
get:
  path: my/external/secrets
  name: APP_KEY
```
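The failure mode in this thread is that the plugin reads `secret_environment_variables` from its own process environment, so a name that was never injected with `from_secret` resolves to `""` and the task definition is deployed with an empty value. The following is an added example, not code from the drone-ecs plugin, of how a plugin could resolve such a list and fail closed instead of deploying an empty secret. The `NAME` and `NAME=SOURCE` entry forms, the `ResolveSecretEnv` function and the `EnvPair` type are assumptions made for illustration; the plugin's real parsing may differ.

```go
package main

import (
	"fmt"
	"os"
	"strings"
)

// EnvPair mirrors the Name/Value pairs an ECS container definition carries
// in its "environment" list (the structure shown in the issue above).
type EnvPair struct {
	Name  string
	Value string
}

// ResolveSecretEnv turns a secret_environment_variables-style list into ECS
// environment pairs. Each entry is either "NAME" (look NAME up in the plugin's
// environment and expose it under the same name) or "NAME=SOURCE" (look SOURCE
// up, expose it as NAME). Both forms are assumptions for this example.
// lookup is injected so the logic can be exercised without the real environment.
// An entry that is unset or empty is an error: shipping a task definition with
// NODE_ENV="" is exactly the silent failure from the issue, and it is safer to
// fail the step than to deploy a container with an empty secret.
func ResolveSecretEnv(entries []string, lookup func(string) (string, bool)) ([]EnvPair, error) {
	var out []EnvPair
	for _, entry := range entries {
		name, source := entry, entry
		if i := strings.IndexByte(entry, '='); i >= 0 {
			name, source = entry[:i], entry[i+1:]
		}
		if name == "" || source == "" {
			return nil, fmt.Errorf("malformed secret entry %q", entry)
		}
		v, ok := lookup(source)
		if !ok || v == "" {
			return nil, fmt.Errorf("secret %s (read from env %s) is unset or empty; "+
				"add it to the step's environment with from_secret", name, source)
		}
		out = append(out, EnvPair{Name: name, Value: v})
	}
	return out, nil
}

func main() {
	// Constructed stand-in for the step environment Drone would build from
	// `environment: APP_KEY: {from_secret: APP_KEY}`; STG_NODE_ENV is present
	// because it was injected the same way, MISSING deliberately is not.
	env := map[string]string{"APP_KEY": "s3cr3t-value", "STG_NODE_ENV": "staging"}
	lookup := func(k string) (string, bool) { v, ok := env[k]; return v, ok }

	pairs, err := ResolveSecretEnv([]string{"APP_KEY", "NODE_ENV=STG_NODE_ENV"}, lookup)
	if err != nil {
		fmt.Fprintln(os.Stderr, "error:", err)
		os.Exit(1)
	}
	for _, p := range pairs {
		// Values are redacted here; they are secrets and should not reach build logs.
		fmt.Printf("%s=<%d bytes>\n", p.Name, len(p.Value))
	}

	// The case from the original report: the secret was declared but never
	// pulled into the step environment, so the lookup fails and the step aborts.
	if _, err := ResolveSecretEnv([]string{"NODE_ENV=MISSING"}, lookup); err != nil {
		fmt.Fprintln(os.Stderr, "refusing to deploy:", err)
	}
}
```

Note that whichever plugin resolves these values, the result lands in the task definition's `environment` list in plaintext, as the `Value: ""` output in the issue shows; anyone who can read the task definition can read the secret. Failing the build on an empty value at least prevents the quieter problem of a service starting with a blank `APP_KEY`.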