Drop alternative names for secrets in favor of env with from_secret

[Nold360]

Component

other

Describe the bug

I think the description for Secrets - Alternative Names is a bit unclear of HOW exactly secrets are included in the pipeline.

1. Secrets will always become a Environment Variable
2. Environment Variables will always[?] be uppercase(!)

It seems not logical to me that this:

secrets:
- source: docker_prod_password
  target: docker_password

Becomes $DOCKER_PASSWORD as variables can also be lower case in shell.

System Info

next

Additional context

No response

Validations

• Read the Contributing Guidelines.
• Read the docs.
• Check that there isn't already an issue that reports the same bug to avoid creating a duplicate.
• Check that this is a concrete bug. For Q&A join our Discord Chat Server or the Matrix room.

[6543]

hmm I'm thinking if we should just drop this syntax and use from_secret for all things

[lafriks]

Yeah, env definition with from_secret is much easier to use and remember

[janydoe]

I get the following error when I try to use source and target in secrets.

10:11PM ERR github.com/woodpecker-ci/woodpecker/server/pipeline/items.go:85 > Error setting error status of pipeline for mailer/web#12 error="yaml: unmarshal errors:\n  line 1: cannot unmarshal !!str `secret_key` into yaml.Secret\n  line 2: cannot unmarshal !!str `postgre...` into yaml.Secret\n  line 3: cannot unmarshal !!str `postgre...` into yaml.Secret\n  line 4: cannot unmarshal !!str `postgre...` into yaml.Secret\n  line 5: cannot unmarshal !!str `minio_a...` into yaml.Secret\n  line 6: cannot unmarshal !!str `minio_s...` into yaml.Secret\n  line 13: cannot unmarshal !!str `app_use...` into yaml.Secret\n  line 14: cannot unmarshal !!str `mail_se...` into yaml.Secret\n  line 15: cannot unmarshal !!str `mail_se...` into yaml.Secret\n  line 16: cannot unmarshal !!str `tinkoff...` into yaml.Secret\n  line 17: cannot unmarshal !!str `tinkoff...` into yaml.Secret"
10:11PM ERR github.com/woodpecker-ci/woodpecker/server/pipeline/create.go:136 > failure to createPipelineItems for mailer/web error="yaml: unmarshal errors:\n  line 1: cannot unmarshal !!str `secret_key` into yaml.Secret\n  line 2: cannot unmarshal !!str `postgre...` into yaml.Secret\n  line 3: cannot unmarshal !!str `postgre...` into yaml.Secret\n  line 4: cannot unmarshal !!str `postgre...` into yaml.Secret\n  line 5: cannot unmarshal !!str `minio_a...` into yaml.Secret\n  line 6: cannot unmarshal !!str `minio_s...` into yaml.Secret\n  line 13: cannot unmarshal !!str `app_use...` into yaml.Secret\n  line 14: cannot unmarshal !!str `mail_se...` into yaml.Secret\n  line 15: cannot unmarshal !!str `mail_se...` into yaml.Secret\n  line 16: cannot unmarshal !!str `tinkoff...` into yaml.Secret\n  line 17: cannot unmarshal !!str `tinkoff...` into yaml.Secret"

pipeline:
  deploy-to-staging:
    image: ${ORG_REGISTRY}/drone_plugins/docker_stack
    pull: true
    settings:
      name: staging_mailer
    secrets:
      - secret_key
      - postgres_password
      - postgres_user
      - postgres_database
      - minio_access_key
      - minio_secret_key
      - source: staging_smtp_hostname
        target: smtp_hostname
      - source: staging_smtp_username
        target: smtp_username
      - source: staging_smtp_password
        target: smtp_password
      - app_user_admin
      - mail_sender_email
      - mail_sender_name
      - tinkoff_merchant_terminal_key
      - tinkoff_merchant_secret_key
    environment:
      API_IMAGE: ${ORG_REGISTRY}/${CI_REPO}:${CI_COMMIT_SHA:0:8}
    when:
      - event: [push, manual]
        branch: master

What am I doing wrong?

[janydoe]

it looks like we have to use a source and a target for each secret!

pipeline:
  deploy-to-staging:
    image: ${ORG_REGISTRY}/drone_plugins/docker_stack
    pull: true
    settings:
      name: staging_mailer
    secrets:
      - source: secret_key
        target: secret_key
      - source: postgres_password
        target: postgres_password
      - source: postgres_user
        target: postgres_user
      - source: sourcepostgres_database
        target: sourcepostgres_database
      - source: minio_access_key
        target: minio_access_key
      - source: minio_secret_key
        target: minio_secret_key
      - source: staging_smtp_hostname
        target: smtp_hostname
      - source: staging_smtp_username
        target: smtp_username
      - source: staging_smtp_password
        target: smtp_password
      - source: app_user_admin
        target: app_user_admin
      - source: mail_sender_email
        target: mail_sender_email
      - source: mail_sender_name
        target: mail_sender_name
      - source: tinkoff_merchant_terminal_key
        target: tinkoff_merchant_terminal_key
      - source: tinkoff_merchant_secret_key
        target: tinkoff_merchant_secret_key
    environment:
      API_IMAGE: ${ORG_REGISTRY}/${CI_REPO}:${CI_COMMIT_SHA:0:8}
    when:
      - event: [push, manual]
        branch: master

Now it works without an error.