R/buildsteps_templates.R
cr_buildstep_decrypt.RdCreate a build step to decrypt files using CryptoKey from Cloud Key Management Service. Usually you will prefer to use cr_buildstep_secret
cr_buildstep_decrypt(cipher, plain, keyring, key, location = "global", ...)The file that has been encrypted
The file location to decrypt to
The KMS keyring to use
The KMS key to use
The KMS location
Further arguments passed in to cr_buildstep
Key Management Store can encrypt secret files for use within your later buildsteps.
You will need to set up the encrypted key using gcloud following the link from Google
Other Cloud Buildsteps:
cr_buildstep_bash(),
cr_buildstep_df(),
cr_buildstep_docker(),
cr_buildstep_edit(),
cr_buildstep_extract(),
cr_buildstep_gcloud(),
cr_buildstep_gitsetup(),
cr_buildstep_mailgun(),
cr_buildstep_nginx_setup(),
cr_buildstep_packagetests(),
cr_buildstep_pkgdown(),
cr_buildstep_run(),
cr_buildstep_r(),
cr_buildstep_secret(),
cr_buildstep_slack(),
cr_buildstep_targets(),
cr_buildstep()
cr_project_set("my-project")
#> ℹ 2022-03-26 19:55:48 > ProjectId set to my-project
#> [1] "my-project"
cr_bucket_set("my-bucket")
#> ℹ 2022-03-26 19:55:48 > Bucket set to my-bucket
#> [1] "my-bucket"
cr_buildstep_decrypt("secret.json.enc",
plain = "secret.json",
keyring = "my_keyring",
key = "my_key"
)
#> [[1]]
#> ==cloudRunnerBuildStep==
#> name: gcr.io/google.com/cloudsdktool/cloud-sdk:alpine
#> args:
#> - gcloud
#> - kms
#> - decrypt
#> - --ciphertext-file
#> - secret.json.enc
#> - --plaintext-file
#> - secret.json
#> - --location
#> - global
#> - --keyring
#> - my_keyring
#> - --key
#> - my_key
#>