I have a node process that does process.env.<SECRET VAR> where <SECRET_VAR> is a created via withSecretVariable. It is very hard to debug but as far as I can tell it is getting "***" as the variable. I have tried use some indirection as well. The equivalent of sh,-c,'PASSWORD=$SECRET_PASSWORD node' and then when the process does proces.env.PASSWORD it still is a series of asterisks. Using secrets directly as command interpolation seems to work, but it doesn't look like a process can access the env variable directly? Is this right? I am running 16.3 version of dagger.
#Software process accessing a secret Env Variable
raven sentinel
raven sentinel
Maybe it is working and I need to debug more. This seemed to work:
export EXAMPLE=BLAH
container | from mirror.fade/node:20 | with-secret-variable ONE env://EXAMPLE | with-exec -- sh -c "node -e 'console.log(process.env.ONE[0])';" | stdout 1.3s
B
wheat yoke
@raven sentinel the *** is secret scrubbing applied to the logs. But the process itself gets the real secret value