Drone Integration with Kubernetes Secrets

Today Drone.io, the leading open source cloud native continuous integration (CI) and continuous delivery (CD) platform, is announcing the official integration with the Kubernetes secret manager which secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. This integration allows you to securely share secrets stored in Kubernetes with your deployment pipelines.

Get Started using Drone.io with Kubernetes

Get started by installing the 0.9 technology preview and by installing the Kubernetes plugin. Once installed, the first step is to create a Kuberetes secret object (below). For demonostration purposes, lets store our Docker registry credentials, used to publish images to Dockerhub.

Kubernetes Secret Create

The secret should be visible in the dashboard once successfully created. Note that you can use the X-Drone-Repos and X-Drone-Events annotations to limit which repositories and pipeline events have access to these secrets.

Kubernetes Secret Info

The next step is to reference the secrets in your .drone.yml configuration file, in the secrets section. In the below example, the secret is referenced as docker#username, where docker is the name of the secret, and username is the data key.

pipeline:
- publish:
    image: plugins/docker
    secrets:
    - docker_username
    - docker_password
    repo: octocat/server

secrets:
  docker_username:
    external:
      name: docker#username

  docker_password:
    external:
      name: docker#password

Drone is modern CI/CD. Container-native and available via open source and as an enterprise on-prem edition. Try it today. Follow us on Twitter @droneio or on Github. Or sign up for our email newsletter to save up to date on all Drone news.