docs: move documentation for the secrets option to parameter list (#286)

xoxys · web-flow · commit d16fd6376b53 · 2023-06-29T21:30:58.000+02:00
diff --git a/_docs/content/_index.md b/_docs/content/_index.md
@@ -27,7 +27,7 @@ The tags follow the major version of Docker, e.g. `20`, and the minor and patch
 Be aware that the this plugin requires [privileged](https://docs.drone.io/pipeline/docker/syntax/steps/#privileged-mode) capabilities, otherwise the integrated Docker daemon is not able to start.
 {{< /hint >}}
 
-```YAML
+```yaml
 kind: pipeline
 name: default
 
@@ -58,7 +58,7 @@ If the created image is to be pushed to registries other than the default Docker
 
 **GHCR:**
 
-```YAML
+```yaml
 kind: pipeline
 name: default
 
@@ -76,7 +76,7 @@ steps:
 
 **AWS ECR:**
 
-```YAML
+```yaml
 kind: pipeline
 name: default
 
@@ -95,35 +95,11 @@ steps:
       tags: latest
 ```
 
-#### Expose secrets to the build
-
-The [secrets](https://docs.docker.com/engine/reference/commandline/buildx_build/#secret) can be used by the build using `RUN --mount=type=secret` mount.
-
-```Yaml
-kind: pipeline
-name: default
-
-steps:
-  - name: docker
-    image: thegeeklab/drone-docker-buildx:23
-    privileged: true
-    environment:
-      SECURE_TOKEN:
-        from_secret: secure_token
-    settings:
-      secrets:
-        - "id=raw_file_secret\\\\,src=file.txt"
-        - 'id=other_raw_file_secret\\,src=other_file.txt'
-        - "id=SECRET_TOKEN"
-```
-
-To use secrets from files a [host volume](https://docs.drone.io/pipeline/docker/syntax/volumes/host/) is required. This should be used with caution and avoided whenever possible.
-
 ## Build
 
 Build the binary with the following command:
 
-```Shell
+```shell
 export GOOS=linux
 export GOARCH=amd64
 export CGO_ENABLED=0
@@ -134,13 +110,13 @@ make build
 
 Build the Docker image with the following command:
 
-```Shell
+```shell
 docker build --file docker/Dockerfile.amd64 --tag thegeeklab/drone-docker-buildx .
 ```
 
 ## Test
 
-```Shell
+```shell
 docker run --rm \
   -e PLUGIN_TAG=latest \
   -e PLUGIN_REPO=octocat/hello-world \
diff --git a/_docs/data/data.yaml b/_docs/data/data.yaml
@@ -75,15 +75,16 @@ properties:
     description: |
       Content of the docker buildkit toml [config](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md). Example:
 
-      ```TOML
-      - name: Build
-        image: thegeeklab/drone-docker-buildx:23
-        settings:
-          repo: example/repo
-          buildkit_config: |
-          [registry."registry.local:30081"]
-            http = true
-            insecure = true
+      ```yaml
+      steps:
+        - name: Build
+          image: thegeeklab/drone-docker-buildx:23
+          settings:
+            repo: example/repo
+            buildkit_config: |
+            [registry."registry.local:30081"]
+              http = true
+              insecure = true
       ```
     type: string
     defaultValue: false
@@ -163,15 +164,16 @@ properties:
       Images to consider as [cache sources](https://docs.docker.com/engine/reference/commandline/buildx_build/#cache-from). To properly work,
       commas used in the cache source entries need to be escaped:
 
-      ```Yaml
-      - name: Build
-        image: thegeeklab/drone-docker-buildx:23
-        settings:
-          repo: example/repo
-          cache_from:
-            # using quotes double-escaping is required
-            - "type=registry\\\\,ref=example"
-            - 'type=foo\\,ref=bar'
+      ```yaml
+      steps:
+        - name: Build
+          image: thegeeklab/drone-docker-buildx:23
+          settings:
+            repo: example/repo
+            cache_from:
+              # while using quotes, double-escaping is required
+              - "type=registry\\\\,ref=example"
+              - 'type=foo\\,ref=bar'
       ```
     type: list
     required: false
@@ -267,6 +269,27 @@ properties:
     required: false
 
   - name: secrets
-    description: Exposes [secrets](https://docs.docker.com/engine/reference/commandline/buildx_build/#secret) to the build.
+    description: |
+      Exposes [secrets](https://docs.docker.com/engine/reference/commandline/buildx_build/#secret) to the build.
+      The secrets can be used by the build using `RUN --mount=type=secret` mount.
+
+      ```yaml
+      steps:
+        - name: Build
+          image: thegeeklab/drone-docker-buildx:23
+          privileged: true
+          environment:
+            SECURE_TOKEN:
+              from_secret: secure_token
+          settings:
+            secrets:
+              # while using quotes, double-escaping is required
+              - "id=raw_file_secret\\\\,src=file.txt"
+              - 'id=other_raw_file_secret\\,src=other_file.txt'
+              - "id=SECRET_TOKEN"
+      ```
+
+      To use secrets from files a [host volume](https://docs.drone.io/pipeline/docker/syntax/volumes/host/) is required.
+      This should be used with caution and avoided whenever possible.
     type: list
     required: false
