Drone: Feature request - Ability to handle mixed case keys for secrets

Created on 12 Jun 2017  路  5Comments  路  Source: drone/drone

This came out of conversations from https://github.com/jmccann/drone-terraform/pull/46 and https://github.com/jmccann/drone-terraform/pull/44.

There are cases like the terraform plugin example where the environment variable mixed cases matters. In the terraform plugin example this forces the variables to be a certain case when terraform doesn't enforce that.

Options so far that have come up.

  1. Plugins implement some sort of mapping to set the casing internally
  2. Docker compose extension
secrets:
  - source: foo
    target: bar
    preserve_case: true
  1. Preserve case at the db level drone secret add --name=foo --value=bar --preserve-case
  2. Make it always case sensitive - Not sure your thoughts on that route @bradrydzewski

I imagine @jmccann also has comments :)

picture josmo

All 5 comments

Make it always case sensitive

I strongly prefer case insensitivity for secrets by default. It is one less thing that can be misconfigured and therefore simplifies support.

Preserve case at the db level drone secret add --name=foo --value=bar --preserve-case

I think this is the option I am leaning toward right now.

Plugins implement some sort of mapping to set the casing internally

I do think we need to understand how many plugins this impacts. If this only impacts a single plugin, we may not be able to justify a change to drone core at this time.

bradrydzewski picture bradrydzewski on 12 Jun 2017
😕1

Drive-by comment, but I find inconsistent case-sensitivity to be confusing. Docker tags are case-sensitive, as are many of the things that run within Drone. It gets to be harder to guess what will happen if there are special cases like this where something is actually case-insensitive.

I wouldn't expect this to substantially reduce support as proposed. Enforcing lowercase for secret names (error'ing if mixed case is encountered) would be more explicit and avoid the behavioral ambiguity (since so many other parts of this stack are case-sensitive).

gtaylor picture gtaylor on 12 Jun 2017
👍1

I don't use docker compose a lot. Just curious if anyone knows how it natively handles case for secrets and if that factors into decision at all or not.

jmccann picture jmccann on 20 Jun 2017

Not sure about compose, but Kubernetes has case-sensitive secrets.

gtaylor picture gtaylor on 20 Jun 2017

this has been fixed in 1.0

bradrydzewski picture bradrydzewski on 11 Feb 2019
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

arne-cl picture arne-cl  路  4Comments
Dentrax picture Dentrax  路  5Comments
francoishill picture francoishill  路  4Comments
xoxys picture xoxys  路  4Comments
donny-dont picture donny-dont  路  5Comments