Managing variables and secrets

Variables and Secrets have many uses. They allow the user to provide dynamic assets during deploy and provide means to change the way stage definitions behave. A stage definition can change a variable and another stage definition can use it.

During provisioning a number of built-in variables are also exposed.

Referencing variables

The variables and secrets are referenced by name in various places including in assets such as {{MY_VAR_NAME}}. Variables are read-write and they can be altered at any time.

Referencing secrets

Secrets are identical to variables except they are write only. They can be replaced at any time but they cannot be retrieved and are encrypted.

Creating a variable from console input

This will ask the user for the variable content to be inputed on the command line.

metalcloud-cli variable create --name test2 
Variable content:

Creating a variable using a pipe

This will create a variable using the echo’s output as content:

echo "" | metalcloud-cli  variable create --name vcenter --pipe

Creating a secret from user input

The following will read the content from console but it will mask the user’s input. No output will be shown but the content will be read.

metalcloud-cli secret create --name test3
Secret content:

Creating a secret from pipe

echo "Basic YWRtaW5pc3RyYXRvckB2c3BoZXJlLmxvY2FsOkRlbGxSMGNrcyE=" | metalcloud-cli secret create --name vcenter_creds --pipe