Question about using environment variables in Summon

We have integrated DAP with our PCF environment and users are using Summon to map their secrets. In the interest of code portability, our customers would like to use the same secrets.yml file in QA and Production. Our secrets.yml file looks like this:

AAP_PASS: !var $ENVIRONMENT-CyberArkVault/PCF/DAP_PCF_STAC/AppAuthPersistence_Password/password
VLO_ID: !var $ENVIRONMENT-CyberArkVault/PCF/DAP_PCF_STAC/VarianceLogOAuth_ClientID/password
VLO_SECRET: !var $ENVIRONMENT-CyberArkVault/PCF/DAP_PCF_STAC/VarianceLogOAuth_ClientSecret/password

We have tried setting the ENVIRONMENT variable in manifest.yml and also using ‘cf set-env’, but are having no luck. Has anyone gotten something similar to work? I see this on the Conjur buildpack page that seems to indicate that it can. https://github.com/cyberark/cloudfoundry-conjur-buildpack#using-the-conjur-buildpack

Hey @chris_barber!

Summon supports app environments (where you can set different variable paths for different envs like dev or prod), but the buildpack does not currently support this. I’ve logged an issue here to add this support.

We welcome contributions to this project if you’d like to add this support yourself, but you can also keep an eye on this GitHub issue to see if we’ve started to work on it and find out when this change may be available in a new buildpack release.

2 Likes

Thank you for your help!