Hi, I’m trying to use horde to automate our build pipeline.
This involves a step of using a command-line tool and sending a secret as an argument into that tool.
Now I’m having a bit of a hard time to figure out a nice way of doing this.
It seems to me like the two ways you can do this in BuildScript is to either write the secret to a file or set it as an Environment Variable.
I’ve tried this and I’m not able to get the Environment Variable at any later point after I use <Horde-SetSecretEnvVar>. If I use <EnvVar> and match the name with the name I send into Horde-SetSecretEnvVar then the EnvVar is still just nothing when I log it or write it to disk.
I’ve tried to spawning a CommandPrompt and injecting the secret Environment Variable through parenthaseis tags %EnvVarName%. But that doesn’t work either.
I am able to get it to work with <Horde-GetSecrets> if I write it to a .bat file that has the `{{secret.category}}` tags that gets automatiacally replaced. Then I can create my own .bat file and use that to create the commandline with the secret. This feels very backwards and strange that I have to write the secret to disk before I can use it.
Is there no way of putting a secret into a <Property Name=“SecretInAProperty” Value=“{{secret.category}}”> that I can pass into a <Spawn Exe=“Tool.exe” Arguments=“$(SecretInAProperty)” /> ??
I was expecting Horde-GetSecrets to write the secret into the property that gets passed into it. But I guess that is not the case?
Can you help me clear up how to work with secrets like this?