Skip to content

Latest commit

 

History

History
45 lines (31 loc) · 1.65 KB

DOCS.md

File metadata and controls

45 lines (31 loc) · 1.65 KB

Overview (Drone 0.6+)

Credentials

drone-gae requires a Google service account and uses it's JSON credential file to authenticate.

The plugin expects the credential in the GAE_CREDENTIALS environment variable. See the official documentation for uploading secrets.

Creating and updating GAE applications requires specific GCP roles. Refer to GAE Access Control definitions to find out what role(s) the Service Account should be assigned. Use least permissible role for the tasks required.

Either:

  • a) Name the secret GAE_CREDENTIALS and include it in the secrets block
  • b) Follow "Alternate Names" in the doc, setting the target to GAE_CREDENTIALS

Expanding environment variables

It may be desired to reference an environment variable for use in the App Engine configuration files or the service's environment. The plugin will automatically expand the environment variable for the variables in vars and ae_environment.

For example when trying to using a secret in Drone to configure an environment variable through vars:

# .drone.yml
vars:
  TOKEN: $${SECRET}
secrets: [secret]
# app.yaml
env_variables:
  API_TOKEN: {{ .TOKEN }}

To use $${SECRET} or $SECRET, see the Drone docs about preprocessing. ${SECRET} will be preprocessed to an empty string.