BWS_ACCESS_TOKEN variable

Hi all,
I notice that when using the built in variableof BWS_ACCESS_TOKEN as the machine token env var, after using bws run it is deleted. That’s great! But I have a docker image that does things in two steps, both of which need the secrets:

DockerFile calls entrypoint.sh
entrypoint.sh calls start.sh

After the first bws run in the dockerfile the BWS_ACCESS_TOKEN variable is now empty. So I store it in a second variable (ie BWS_ACCESS_TOKEN_TMP), but this persists in the container even when I unset it from inside start.sh (tested by getting to container shell and typing export).

Suggested workarounds? Either an option for bws run to not remove the variable, or another technique I could use to not persist the BWS_ACCESS_TOKEN_TMP variable?

Support helped me out here: use a file to hold the variables.

Dockerfile

ENTRYPOINT bws run --project-id "$BWS_PROJECT_ID" -- '/entrypoint'

entrypoint.sh

echo "Bitwarden Secrets Project ID: $BWS_PROJECT_ID"
printenv > /tmp/env
exec "$@"

start.sh

set -a
source /tmp/env
set +a
rm /tmp/bws.env
unset BWS_ACCESS_TOKEN
unset BWS_PROJECT_ID

This topic was automatically closed 60 minutes after the last reply. New replies are no longer allowed.