fix(secret): update env values for secret origin ctn

executor/linux/build.go

@@ -12,6 +12,7 @@ import (
 
 	"golang.org/x/sync/errgroup"
 
+	"github.com/go-vela/sdk-go/vela"
 	api "github.com/go-vela/server/api/types"
 	"github.com/go-vela/server/compiler/types/pipeline"
 	"github.com/go-vela/server/constants"
@@ -356,8 +357,27 @@ func (c *client) AssembleBuild(ctx context.Context) error {
 		}
 
 		c.Logger.Infof("creating %s secret", s.Origin.Name)
+
+		// fetch request token if id_request used in origin config
+		var requestToken string
+
+		if len(s.Origin.IDRequest) > 0 {
+			opts := &vela.RequestTokenOptions{
+				Image:    s.Origin.Image,
+				Request:  s.Origin.IDRequest,
+				Commands: len(s.Origin.Commands) > 0 || len(s.Origin.Entrypoint) > 0,
+			}
+
+			tkn, _, err := c.Vela.Build.GetIDRequestToken(c.build.GetRepo().GetOrg(), c.build.GetRepo().GetName(), c.build.GetNumber(), opts)
+			if err != nil {
+				return err
+			}
+
+			requestToken = tkn.GetToken()
+		}
+
 		// create the service
-		c.err = c.secret.create(ctx, s.Origin)
+		c.err = c.secret.create(ctx, s.Origin, requestToken)
 		if c.err != nil {
 			return fmt.Errorf("unable to create %s secret: %w", s.Origin.Name, c.err)
 		}

executor/linux/secret.go

@@ -34,7 +34,7 @@
 )
 
 // create configures the secret plugin for execution.
-func (s *secretSvc) create(ctx context.Context, ctn *pipeline.Container) error {
+func (s *secretSvc) create(ctx context.Context, ctn *pipeline.Container, reqToken string) error {
 	// update engine logger with secret metadata
 	//
 	// https://pkg.go.dev/github.com/sirupsen/logrus#Entry.WithField
@@ -45,6 +45,12 @@
 	ctn.Environment["VELA_HOST"] = s.client.build.GetHost()
 	ctn.Environment["VELA_RUNTIME"] = s.client.build.GetRuntime()
 	ctn.Environment["VELA_VERSION"] = s.client.Version
+	ctn.Environment["VELA_OUTPUTS"] = "/vela/outputs/.env"
+	ctn.Environment["VELA_MASKED_OUTPUTS"] = "/vela/outputs/masked.env"
+
+	if len(reqToken) > 0 {
+		ctn.Environment["VELA_ID_TOKEN_REQUEST_TOKEN"] = reqToken
+	}
 
 	logger.Debug("setting up container")
 	// setup the runtime container
@@ -206,7 +212,7 @@
 		// https://pkg.go.dev/github.com/go-vela/sdk-go/vela#SecretService.Get
 		_secret, _, err = s.client.Vela.Secret.Get(secret.Engine, secret.Type, org, "*", key)
 		if err != nil {
 			return nil, fmt.Errorf("%s: %w", ErrUnableToRetrieve, err)
 		}
 
 		secret.Value = _secret.GetValue()
@@ -223,7 +229,7 @@
 		// https://pkg.go.dev/github.com/go-vela/sdk-go/vela#SecretService.Get
 		_secret, _, err = s.client.Vela.Secret.Get(secret.Engine, secret.Type, org, repo, key)
 		if err != nil {
 			return nil, fmt.Errorf("%s: %w", ErrUnableToRetrieve, err)
 		}
 
 		secret.Value = _secret.GetValue()
@@ -240,7 +246,7 @@
 		// https://pkg.go.dev/github.com/go-vela/sdk-go/vela#SecretService.Get
 		_secret, _, err = s.client.Vela.Secret.Get(secret.Engine, secret.Type, org, team, key)
 		if err != nil {
 			return nil, fmt.Errorf("%s: %w", ErrUnableToRetrieve, err)
 		}
 
 		secret.Value = _secret.GetValue()

executor/linux/secret_test.go

@@ -128,7 +128,7 @@ func TestLinux_Secret_create(t *testing.T) {
 				t.Errorf("unable to create %s executor engine: %v", test.name, err)
 			}
 
-			err = _engine.secret.create(context.Background(), test.container)
+			err = _engine.secret.create(context.Background(), test.container, "")
 
 			if test.failure {
 				if err == nil {