I am using Rancher secrets, which injects secrets as files into a volume at “/run/secrets” in a Docker container. I have a Spring Boot application which then picks up these secrets from that volume and loads these secure values into my Spring environment context at runtime.
The problem I am having is that when I use Drone I cannot run my integration tests as the application cannot access this volume so cannot load the secrets that are needed for their integrations and therefore all fail. This is due to the fact that this volume is not mounted and available for the pipeline, however there is a limitation where I can only mount a volume from the host and not the drone container volume.
I have been advised that I should rather be using Drone Enterprise to load these secrets so that they are available for my pipeline. However I feel the issue with this is that I would then not be testing the application as it would be used once deployed.
I totally understand using drone secrets/enterpise for storing sensitive info for the CI process, ie Rancher credentials for deploying etc, however my issue is more about supplying the configuration to the application so it can function as it would normally in a production instance.
Does anyone have any other suggestions on how I could go about suppling these sensitive application property files to my application in the drone pipeline.