diff --git a/.drone.yml b/.drone.yml
index 46361b7..8d814bf 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -20,9 +20,13 @@ steps:
   - name: Diff badhouseplants
     image: ghcr.io/helmfile/helmfile:canary
     environment:
+      KUBECONFIG_CONTENT:
+        from_secret: KUBECONFIG_CONTENT
       SOPS_AGE_KEY:
         from_secret: SOPS_AGE_KEY
     commands:
+      - mkdir $HOME/.kube
+      - echo $KUBECONFIG_CONTENT | base64 -d > $HOME/.kube/config
       - helmfile -e badhouseplants diff --suppress-secrets
 
   - name: Diff eterosoft
@@ -30,7 +34,11 @@ steps:
     environment:
       SOPS_AGE_KEY:
         from_secret: SOPS_AGE_KEY
+      KUBECONFIG_CONTENT:
+        from_secret: KUBECONFIG_CONTENT
     commands:
+      - mkdir $HOME/.kube
+      - echo $KUBECONFIG_CONTENT | base64 -d > $HOME/.kube/config
       - helmfile -e etersoft diff --suppress-secrets
 
 ---
@@ -55,17 +63,25 @@ steps:
   - name: Apply badhouseplants
     image: ghcr.io/helmfile/helmfile:canary
     environment:
+      KUBECONFIG_CONTENT:
+        from_secret: KUBECONFIG_CONTENT
       SOPS_AGE_KEY:
         from_secret: SOPS_AGE_KEY
     commands:
+      - mkdir $HOME/.kube
+      - echo $KUBECONFIG_CONTENT | base64 -d > $HOME/.kube/config
       - helmfile -e badhouseplants apply --suppress-secrets
 
   - name: Apply eterosoft
     image: ghcr.io/helmfile/helmfile:canary
     environment:
+      KUBECONFIG_CONTENT:
+        from_secret: KUBECONFIG_CONTENT
       SOPS_AGE_KEY:
         from_secret: SOPS_AGE_KEY
     commands:
+      - mkdir $HOME/.kube
+      - echo $KUBECONFIG_CONTENT | base64 -d > $HOME/.kube/config
       - helmfile -e etersoft apply --suppress-secrets
 
 ---
diff --git a/badhouseplants/values/.decrypted~secrets.drone-runner-docker.yaml b/badhouseplants/values/.decrypted~secrets.drone-runner-docker.yaml
new file mode 100644
index 0000000..d63f3e6
--- /dev/null
+++ b/badhouseplants/values/.decrypted~secrets.drone-runner-docker.yaml
@@ -0,0 +1,2 @@
+env:
+    DRONE_RPC_SECRET: qwFYt9UNsZeBhJ9RG5h6dKaKza8kMD