1. Resources
  2. /
  3. Plugins
  4. /
  5. summon-buildkite-plugin

Summon Buildkite Plugin

summon is a tool for fetching secrets from secure storage; this plugin makes it easy to use in Buildkite jobs.

Some reasons you might care:

  • Maybe you’re still hardcoding secrets in your Buildkite pipeline settings? If so, that is bad and you should stop. This plugin helps you stop.
  • You can immediately leverage any of the existing summon secrets providers, so you have flexibility in what secure storage you use.
  • By installing different default providers on different machines, you can fetch secrets appropriately in different locations without changing configuration, e.g., pulling from a local keyring in development but from AWS SM in CI.

Examples

Here’s a simple pipeline configuration:

steps:
  - plugins:
      - angaza/summon#v0.1.0:
          secrets-file: path/to/secrets.yml

The secrets fetched by summon are exported as environment variables to the rest of the step, including subsequent plugins. To use with the Docker Compose plugin, for example:

steps:
  - plugins:
      - angaza/summon#v0.1.0:
          secrets-file: path/to/secrets.yml
      - docker-compose#v2.6.0:
          config: path/to/docker-compose.yml
          run: service-name

Most summon options are supported:

steps:
  - plugins:
      - angaza/summon#v0.1.0:
          secrets-file: path/to/secrets.yml
          provider: summon-s3
          environment: production
          substitutions:
            - REGION=us-east-1

The plugin runs during the post-checkout hook, the earliest point at which the repo is available, since you will typically (but are not required to) reference a checked-in secrets.yml file.

Prerequisites

summon must already be installed in the environment where your agent runs, along with whatever provider(s) will be used.

Tests

You can run the tests for this plugin with:

docker-compose run --rm tests

License

MIT (see LICENSE)

The plugins listed on this webpage are provided for informational purposes only. They have not undergone any formal security review or assessment. While we strive to provide useful resources, we cannot guarantee the safety, reliability, or integrity of these plugins. Users are strongly advised to conduct their own security evaluations before downloading, installing, or using any plugin. By using these plugins, you acknowledge and accept any risks associated with their use. We disclaim any liability for any harm or damages arising from the use of the plugins listed.

Start turning complexity into an advantage

Create an account to get started with a 30-day free trial. No credit card required.

Buildkite Pipelines

Platform

  1. Pipelines
  2. Pipeline templates
  3. Public pipelines
  4. Test Engine
  5. Package Registries
  6. Mobile Delivery Cloud
  7. Pricing

Hosting options

  1. Self-hosted agents
  2. Mac hosted agents
  3. Linux hosted agents

Resources

  1. Docs
  2. Blog
  3. Changelog
  4. Webinars
  5. Plugins
  6. Case studies
  7. Events
  8. Migration Services
  9. Comparisons

Company

  1. About
  2. Careers
  3. Press
  4. Brand assets
  5. Contact

Solutions

  1. Replace Jenkins
  2. Workflows for AI/ML
  3. Testing at scale
  4. Monorepo mojo
  5. Bazel orchestration

Legal

  1. Terms of Service
  2. Acceptable Use Policy
  3. Privacy Policy
  4. Subprocessors
  5. Service Level Agreement

Support

  1. System status
  2. Forum
© Buildkite Pty Ltd 2025