Parameters and Secrets
A devfile lets you provide project and personal parameters and secrets to a dev environment. Inside the dev environment, you can reference these parameters and secrets as environment variables.
Provide project parameters and secrets to a dev environment
You can provide a dev environment with parameters and secrets that are common for the entire project, for example, URLs, file paths, common auth tokens, and so on.
To define the required project parameters and secrets, use the project's devfile. A dev environment will take the values from the project's storage of secrets and parameters. The required parameters and secrets are available on a target dev environment as environment variables.
Open the project.
On the project sidebar menu, choose Settings, then Secrets and Parameters.
Click Create and choose Secret or Parameter.
Specify
Key: a parameter name. You will use this name to reference this parameter in the devfile.
Value: a parameter value.
Limitations:
Secrets and parameters exist only in the scope of a particular project. So, if you create a secret or a parameter in one project, you cannot use them in other projects.
Keys of secrets and parameters must be unique within a project. A secret and a parameter with the same key are also not allowed.
A key must be no longer than 128 characters and can only contain alphanumeric characters (
[a-z]
,[A-Z]
,[0-9]
), dashes (-
), or underscores (_
).Keys are case-insensitive.
Max secret's or parameter's value size is 30KB.
To reference the created project secrets and parameters in a devfile, assign them to environment variables. The parameter or secret name (key) must be preceded with the
project:
prefix. For example:# suppose we created a project parameter 'service-url' # and a project secret 'auth-token' schemaVersion: 2.2.0 attributes: space: instanceType: large editor: type: Idea components: - name: dev-container container: env: - name: URL value: '{{ project:service-url }}' - name: TOKEN value: '{{ project:auth-token }}'
Provide personal parameters and secrets to a dev environment
You can require users to provide personal values for particular dev environment parameters and secrets. For example, these could be user credentials for downloading project binary dependencies. The required parameters and secrets are available on a target dev environment as environment variables.
To define the required environment variables (i.e., parameters and secrets), use the project's devfile. When creating a dev environment, a user will be asked to provide variable values. The values must be taken from the personal user storage of secrets and parameters.
To define the required environment variables
Open the devfile in the project repository. If it doesn't exist, create a new one, for example,
.space/devfile.yaml
.Specify the required environment variables. For example, we require an environment variable
DB_USERNAME
(the value is expected to be a plain parameter) and a variableDB_TOKEN
(the value is expected to be a secret):schemaVersion: 2.2.0 attributes: space: instanceType: large editor: type: Idea requiredParameters: - name: DB_USERNAME description: 'Database username' requiredSecrets: - name: DB_TOKEN description: 'Database access token'Commit and push the changes.
After this, when creating a dev environment, a project developer will be required to provide values for the defined secrets and parameters (this has to be done only for the first created environment; all subsequent environments will have these settings pre-defined).
To assign personal secrets and parameters to the required environment variables
On the Personal navigation sidebar, click Dev Environments, then click Environment Variables.
Create a parameter or a secret by clicking New parameter or New secret.
Specify
Key: a parameter/secret name.
Value: a parameter/secret value.
When creating a new dev environment, in the New Dev Environment window, under Environment variables, assign environment variables to the corresponding parameters and secrets.
Note that the specified environment variables are set only in newly created dev environments. There will be no such variables in the existing dev environments.