Drone API Secret error 400 - Invalid Secret Name

DevopsOP · November 6, 2018, 3:10pm

Greetings,

I am trying to use the drone api in order to insert secret without the usage of drone cli (web api request).

Here is my command:

 curl -X POST ${DRONE_SERVER}/api/repos/PROJECT/repo/secrets -H 'Authorization: Bearer <Token>' -d '{"name":"foo","value":"bar","image":"plugin/docker","event":["push","tags","deployment"]}' -i

Unfortunately I get this error:

HTTP/1.1 400 Bad Request
Server: nginx/1.13.6
Date: Tue, 06 Nov 2018 15:08:49 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate, value
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Tue, 06 Nov 2018 15:08:49 GMT
X-Content-Type-Options: nosniff
X-Drone-Version: 0.8.7+build.1568
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=15724800; includeSubDomains;

Error inserting secret. Invalid Secret Name

I have tried changing the name / value but it did not work.

What am I doing wrong? The GET version correctly display the current drone secrets (without the one I am trying to add)

bradrydzewski · November 6, 2018, 10:04pm

The UI uses the API and makes the same API call. I would therefore recommend using Chrome devtools to inspect what a successful API request looks like, and then try to replicate, including headers, etc. If you continue to experience issues, I recommend adding some debug code to the source.

wenbinye · November 28, 2018, 3:17am

I got the same error, then figure out the reason is the command missing “Content-Type: application/json” header. Hope this help.