On a job level environment variable configuration:
The following works when using parameters passed from another pipleline to my template:
Environment Variables
Name: BRANCH
Value: #{PIPELINE_LEVEL_PARAMETER}_INDEX
However, this does not.
Name: BRANCH
Value: ${STAGE_LEVEL_ENVIRONMENT_VARIABLE}_INDEX
in the latter case, it takes the literal value without replacing with the environment variable
Related
im having some issues with global variables. I have this in my template.yaml
Globals:
Function:
Environment:
Variables:
DEV: true
Then I access those variables in code just with
process.env.DEV
But the problem is that variable does not exist. Only ACCESS_AWS_TOKEN is there. Why is that?
Ok.. everything is a string so... use proper condition.
One of the solutions:
process.env.DEV.toLowerCase() === 'true'
Looking at this documentation: https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#-em-env-em-
it says
Update deployment 'registry' with a new environment variable
kubectl set env deployment/registry STORAGE_DIR=/local
Why is there an equals symbol for "STORAGE_DIR is /local" but a slash for "deployment is registry"?
Are they arbitrary?
E.g. could you mix and match as follows:
kubectl set env deployment=registry STORAGE_DIR//local?
Also, why does deployment/registry come in between the set env subcommand and the environment variable being set?
Using resource type/name is a Kubernetes (and kubectl) convention to disambiguate e.g. pod/foo, [custom-resource]/foo from deployment/foo where this may be significant.
You'll see type/name appear frequently in kubectl get output. IIRC the / can be replaced with space e.g. kubectl get deployment foo and the type can likely (!?) be omitted if there's no ambiguity.
Because the kubectl set env command set's env var values in the resource, = is used here to convey the assignment as conveyed by the usage kubectl set env RESOURCE/NAME KEY_1=VAL_1 ... KEY_N=VAL_N.
IMO this command follows conventions: [binary] [group] [[sub-group]] [resource] [flags]. In this case, there's no need to prefix the type/name with a flag (i.e. --resource=type/name) because the resource is required. One tweak, I'd consider for consistency is to prefix --env=KEY_N=VAL_N as this would be consistent with other flags e.g. --namespace=bar but...
Cloud Build Building Python applications example has the lines below which has _REPO_NAME variable specified.
# [START cloudbuild_python_image_yaml]
# Docker Build
- name: 'gcr.io/cloud-builders/docker'
args: ['build', '-t',
'us-central1-docker.pkg.dev/${PROJECT_ID}/${_REPO_NAME}/myimage:${SHORT_SHA}', '.']
The Substituting variable values documentation has $REPO_NAME: the name of your repository but does not have _REPO_NAME.
Please help understand where it is defined and what it is.
With Cloud Build, all the user managed substitution variables start with _. If you variable doesn't have a _, like $REPO_NAME, it's a auto generated environment variable.
Therefore in your example you have to provide the $_REPO_NAME and $_BUCKET_NAME if you want to start your Cloud Build process. Else it will fail because it doesn't know that variable.
Why using $_REPO_NAME instead of $REPO_NAME? IMO, it's a mistake. A developer trick is to replace the auto-generated variable by a user managed variable during the tests. Like that, you don't have to push new code to git to test your build pipeline, you simply have to set that variable manually (with gcloud command).
And it might have been forgotten when that code example has been released. Just an assumption.
I'm deploying my Node apps to Google Cloud Run using Cloud Build and I want to run some tests during the build. My tests require some environment variables, so I have been following this guide to achieve this.
The guide makes the following note:
Note: To use the secret in an environment variable, you need to prefix
the variable name with an underscore "_" and escape the value using
'('. For example: _VARIABLE_NAME=$(cat password.txt) && echo -n
\)_VARIABLE_NAME.
However, I am not quite sure how to implement this.
I have attempted the following in my cloudbuild.yaml.
- id: Execute tests
name: node
args: ['_VAR_ONE=$(cat var-one.txt)', '_VAR_TWO=$(cat var-two.txt)', 'jest -V']
Which returns the following: Error: Cannot find module '/workspace/_VAR_ONE=$(cat var-one.txt)'.
I also tried a few variations of the escape that the above note mentions, but they result in the same error.
What's the best way to get the secrets into my code as environment variables?
Also, if I need to use multiple environment variables, is it better to use Cloud KMS with an .env file?
Thanks!
It looks like you are incorrectly using the entrypoint provided by the node image. You are effectively running the command:
node _VAR_ONE=$(cat var-one.txt) _VAR_TWO=$(cat var-two.txt) jest -V
I want to digress for a moment and say this pattern does not work in Node, you need to specify the environment variables first before calling node, for example VAR_ONE=$(cat foo.txt) VAR_TWO=bar node run test
Anyway, I think what you want to run is:
_VAR_ONE=$(cat var-one.txt) _VAR_TWO=$(cat var-two.txt) jest -V
This is how we will do that - Assuming you have a previous step where you write out the contents of the secret into the files var-one.txt and var-two.txt in a previous step - here is how you would use it in the node step, it's just the standard way you use environment variables when running a command from the command line:
- id: Execute tests
name: node
entrypoint: '/bin/bash'
args:
'-c',
'_VAR_ONE=$(cat var-one.txt) _VAR_TWO=$(cat var-two.txt) jest -V'
]
You need to ensure in the node environment you are using the variables as specified (ie. process.env._VAR_ONE or process.env._VAR_TWO). I don't think you need to have the _ character prefixed here but I haven't tested it to confirm that. You can try the above and it should get you much further I think.
Is there a way to store variables in Cloudformation?
I've created a resource with a name which is a stage specific name in the following form:
DeliveryStreamName: {'Fn::Sub': ['firehose-events-${Stage}', 'Stage': {'Ref' : 'Stage' }]}
Now if I've to create a cloudwatch alarm on that resource I'm again following the same pattern:
Dimensions:
- Value: {'Fn::Sub': ['firehose-events-${Stage}', 'Stage': {'Ref' : 'Stage' }]}
Instead if I could store the whole value in one variable, it would be much easier for me to refer it.
I thought initially storing it in parameters, like this:
Parameters:
FirehoseEvent: {Type:String, Default: 'firehose-events-${Stage}'}
But the stage value doesn't seem to get passed in here. And there is no non default value either for this resource name.
The other option I considered was using mapping, but that defeats the purpose of using ${Stage}.
Is there some other way which I've missed?
Sadly you haven't missed anything. Parameters can't reference other parameters in their definition.
The only way I can think of doing what you which would be through a custom macro. In its simplest form the macro would just perform traditional find-and-replace type of template processing.
However, the time required to develop such macro could be not worth its benefits, at least in this simple example you've provided in the question.