Working with plugins
Walkthrough of an example using pipeline and secret plugins working together
Typically, plugins are configured as a step in a pipeline and should accept their configuration via environment variables. The below example shows a pipeline and secret plugin working together to publish an image to a registry:
version: "1"
steps:
- name: plugin
image: target/vela-kaniko
pull: always
parameters:
registry: index.docker.io
repo: index.docker.io/octocat/hello-world
secrets:
- name: vault_token
key: go-vela/vault_token
engine: native
type: org
- origin:
name: plugin
image: target/secret-vault
pull: always
secrets: [ vault_token ]
parameters:
addr: vault.example.com
auth_method: token
items:
- source: secret/docker
path: docker
We pass these variables in Vela using the parameters block. Any variable passed to this block, will be injected into the step as PARAMETER_<variable>:
version: "1"
steps:
- name: docker
image: target/vela-kaniko
pull: always
+ parameters:
+ registry: index.docker.io
+ repo: index.docker.io/octocat/hello-world
secrets:
- name: vault_token
key: go-vela/vault_token
engine: native
type: org
- origin:
name: vault
image: target/secret-vault
pull: always
secrets: [ vault_token ]
+ parameters:
+ addr: vault.example.com
+ auth_method: token
+ items:
+ - source: secret/docker
+ path: docker
From the above example, the following environment variables would be added to the containers:
Docker:
PARAMETER_REGISTRY=index.docker.ioPARAMETER_REPO=index.docker.io/octocat/hello-world
Vault:
PARAMETER_ADDR=index.docker.ioPARAMETER_AUTH_METHOD=index.docker.io/octocat/hello-worldPARAMETER_ITEMS={"items": [{"source": "secret/docker"}],"path": "docker"}
Last modified March 20, 2022: docs(plugin): use kaniko image in example (#292) (361ea14c)