1. Resources
  2. /
  3. Plugins
  4. /
  5. cluster-secrets-buildkite-plugin

⚠️ Important This plugin is no longer maintained and has been deprecated. Secrets are no longer scoped to individual clusters, making this plugin unnecessary. Please use the Secrets Buildkite Plugin for managing secrets in your pipelines.

Secrets Buildkite Plugin

A Buildkite plugin used to fetch secrets from Buildkite Secrets

Storing Secrets

There are two options for storing and fetching secrets.

You can create a secret in the Buildkite UI following the instructions in the documentation here.

One at a time

Create a Buildkite secret for each variable that you need to store. Paste the value of the secret into buildkite.com directly.

A pipeline.yml like this will read each secret out into a ENV variable:

steps:
  - command: echo "The content of ANIMAL is \$ANIMAL"
    plugins:
      - cluster-secrets#v1.0.0:
          variables:
            ANIMAL: llamas
            FOO: bar

Multiple

Create a single Buildkite secret with one variable per line, encoded as base64 for storage.

For example, setting three variables looks like this in a file:

Foo=bar
SECRET_KEY=llamas
COFFEE=more

Then encode the file:

cat data.txt | base64

Next, upload the base64 encoded data to buildkite.com in your browser with a key of your choosing - like llamas. The three secrets can be read into the job environment using a pipeline.yml like this:

steps:
  - command: build.sh
    plugins:
      - cluster-secrets#v1.0.0:
          env: "llamas"

Options

key (optional, string)

The key to fetch multiple from Buildkite secrets

variables (optional, object)

Specify a dictionary of key: value pairs to inject as environment variables, where the key is the name of the environment variable to be set, and the value is the Buildkite Secret key.

Testing

You can run the tests using docker-compose:

docker compose run --rm tests

License

MIT (see LICENSE)

The plugins listed on this webpage are provided for informational purposes only. They have not undergone any formal security review or assessment. While we strive to provide useful resources, we cannot guarantee the safety, reliability, or integrity of these plugins. Users are strongly advised to conduct their own security evaluations before downloading, installing, or using any plugin. By using these plugins, you acknowledge and accept any risks associated with their use. We disclaim any liability for any harm or damages arising from the use of the plugins listed.

Start turning complexity into an advantage

Create an account to get started with a 30-day free trial. No credit card required.

Buildkite Pipelines

Platform

  1. Pipelines
  2. Pipeline templates
  3. Public pipelines
  4. Test Engine
  5. Package Registries
  6. Mobile Delivery Cloud
  7. Pricing

Hosting options

  1. Self-hosted agents
  2. Mac hosted agents
  3. Linux hosted agents

Resources

  1. Docs
  2. Blog
  3. Changelog
  4. Webinars
  5. Plugins
  6. Case studies
  7. Events
  8. Migration Services
  9. Comparisons

Company

  1. About
  2. Careers
  3. Press
  4. Brand assets
  5. Contact

Solutions

  1. Replace Jenkins
  2. Workflows for AI/ML
  3. Testing at scale
  4. Monorepo mojo
  5. Bazel orchestration

Legal

  1. Terms of Service
  2. Acceptable Use Policy
  3. Privacy Policy
  4. Subprocessors
  5. Service Level Agreement

Support

  1. System status
  2. Forum
© Buildkite Pty Ltd 2025