change properties secrets env to SECRETS_FILE (#1435)

jenkinsci · Jul 19, 2020 · 3cddb7a · 3cddb7a
1 parent 4db0418
commit 3cddb7a
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 6 deletions.
diff --git a/docs/features/secrets.adoc b/docs/features/secrets.adoc
@@ -205,7 +205,7 @@ Jenkins admins and jobs running on the Jenkins master.
 JCasC will try to resolve secrets via
 link:https://en.wikipedia.org/wiki/.properties[.properties] file if
 `/run/secrets/secrets.properties` exists. To change this
-default file path you can use the environment variable `SECRETS`.
+default file path you can use the environment variable `SECRETS_FILE`.
 This file must be secured through machine ownership and permissions.
 
 == Passing credentials as encrypted text

diff --git a/integrations/src/test/java/io/jenkins/plugins/casc/PropertiesSecretSourceTest.java b/integrations/src/test/java/io/jenkins/plugins/casc/PropertiesSecretSourceTest.java
@@ -18,7 +18,7 @@ public class PropertiesSecretSourceTest {
 
     @Rule
     public RuleChain chain = RuleChain.outerRule(new EnvironmentVariables()
-        .set("SECRETS", getClass().getResource("secrets.properties").getFile()))
+        .set("SECRETS_FILE", getClass().getResource("secrets.properties").getFile()))
         .around(new JenkinsConfiguredWithCodeRule());
 
     @Test

diff --git a/plugin/src/main/java/io/jenkins/plugins/casc/impl/secrets/PropertiesSecretSource.java b/plugin/src/main/java/io/jenkins/plugins/casc/impl/secrets/PropertiesSecretSource.java
@@ -15,8 +15,8 @@
 
 /**
  * This {@link SecretSource} implementation allows to use a .properties file for providing secrets.
- * The default file path is {@code /run/secrets/secrets.properties}, which can be changed via {@code
- * SECRETS} environment variable.
+ * The default file path is {@code /run/secrets/secrets.properties}, which can be changed via
+ * {@code SECRETS_FILE} environment variable.
  *
  * @author <a href="mailto:d.estermann.de@gmail.com">Daniel Estermann</a>
  * @since 1.33
@@ -39,10 +39,10 @@ public Optional<String> reveal(String secret) {
         // lazy initialization
         if (secrets == null) {
             secrets = new Properties();
-            final String secretsEnv = System.getenv("SECRETS");
+            final String secretsEnv = System.getenv("SECRETS_FILE");
             final String secretsPath = secretsEnv == null ? SECRETS_DEFAULT_PATH : secretsEnv;
             final File secretsFile = new File(secretsPath);
-            if (secretsFile.exists()) {
+            if (secretsFile.exists() && secretsFile.isFile()) {
                 try (InputStream input = new FileInputStream(secretsFile)) {
                     secrets.load(input);
                 } catch (IOException ioe) {