Is it possible to have a locally run robot fetch secrets from Robocorp Cloud Vault?

Tim · November 12, 2020, 9:31am

It certainly is! A few steps are needed:

Figure out workspace ID ( rcc cloud workspace )
Get token ( rcc cloud authorize -w <workspace ID> )
Configure env variables in env.json:

"RC_WORKSPACE_ID": "<workspace ID",
"RC_API_SECRET_HOST": " https://api.eu1.robocloud.eu ",
"RC_API_SECRET_TOKEN":"<Token>"

The token is quite short lived though, but this can certainly be used to make local runs closer to Cloud orchestrated runs.

vgogineni · December 10, 2020, 6:26pm

Hi @Tim,

Is there a way to get the token when needed and place in env.json with robot/ code or do we need to manually update it while running from local?

Tim · December 10, 2020, 8:15pm

Sadly you do need to update it quite often. A small script can act as a helper, this is what I have used:
rcc cloud authorize -w MY_WORKSPACE | python -c 'import sys, json;print(json.load(sys.stdin)["token"]);'

And maybe even plug it into env.json with a script as well

vgogineni · December 11, 2020, 9:43am

Yes, that helps. Thanks @Tim