An environment variable plugin that sign repository and build information and export it a as JWS token.
Please note this project requires Drone server version 1.7 or higher.
First, generate a signing key :
DRONE_PRIVATE_KEY="$(openssl genpkey -algorithm ed25519 -outform PEM)"Download and run the plugin:
$ docker run -d \
--publish=3000:80 \
--env=DRONE_DEBUG=true \
--env=DRONE_SECRET=bea26a2221fd8090ea38720fc445eca6 \
--env=DRONE_PRIVATE_KEY="$DRONE_PRIVATE_KEY" \
--restart=always \
--name=drone-env-signedUpdate your runner configuration to include the plugin address and the shared secret.
DRONE_ENV_PLUGIN_ENDPOINT=http://drone-env-signed:3000
DRONE_ENV_PLUGIN_TOKEN=bea26a2221fd8090ea38720fc445eca6
Two environment variables will be added
to your pipelines, DRONE_SIGNED_BUILD and
DRONE_SIGNED_REPO. The JSON structure is defined
here
in the Repo and Build structures.