Templating Defaults and Secrets

Secrets

Secrets store sensitive data like API tokens and credentials. Add secrets to workflows via the CLI, then reference them in test files using templates. This prevents hardcoding sensitive values in configuration files.

Adding / Updating Secrets on a Workflow

  • Interactively

    $ fwci secrets update TOKEN MY_TOKEN

Selected workflow: fwci-crystal-core
successfully updated secret for workflow

    If only one workflow exists, it will be automatically selected.

  • Non-interactive

    $ fwci secrets update -w fwci-crystal-core

Selected workflow: fwci-crystal-core
successfully updated secret for workflow

Listing Secrets

List all secrets for a workflow:

$ fwci secrets get

Selected workflow: fwci-crystal-core
Secrets:
0. ANOTHER-TOKEN
1. TOKEN

Referencing Secrets

Reference secrets in test files using the secrets.<secret-name> template syntax.

See Templating Reference for complete syntax details.

binarly.yaml

name: Binarly Scan
description: Test the firmware with Binarly

#The binarly test works without a DUT, therefore we can leave the pre- & post-stage empty
pre-stage: empty
post-stage: empty

stages:
  - name: Binarly Scan
    steps:
      - cmd: binarly report
        name: Binarly Scan
        parameters:
          url: "[[secrets.BinarlyURL]]"
          token: "[[secrets.BinarlyToken]]"
          file_path: "[[input.Binary]]"

Defaults

YAML Anchors reduce redundant configuration in tests. Define anchors under the defaults keyword and reference them using the *anchor_name syntax.

# Boot Test Configuration for ARM-based board
name: Boot Test
description: This test verifies that the ARM-based board boots correctly.

defaults:
  transport: &transport
    proto: ssh
    options:
      host: "[[attributes.Host]]"
      user: root
      password: root

stages:
  - name: Boot Stage
    steps:
      - cmd: ping
        name: Wait for SSH service
        options:
          timeout: 2m
        parameters:
          host: "[[attributes.Host]]"

      - cmd: cmd
        name: Run echo "Hello" on the device
        transport: *transport
        parameters:
          executable: echo
          args: ["Hello"]

      - cmd: cmd
        name: Run echo "World!" on the device
        transport: *transport
        parameters:
          executable: echo
          args: ["World!"]