Travis decrypt encrypted secure environment variables
1. Add the following commands to your .travis.yml, MY_ENVIRONMENT_VAR is the environment variable you want to retrieve, MY_ENCRYPTION_KEY a variable for encrypting the MY_ENVIRONMENT_VAR with ccrypt, so it can be transferred securely. After you have the
- sudo apt-get install -y ccrypt - echo $MY_ENVIRONMENT_VAR > my_env_var.txt - ccencrypt my_env_var.txt -K $MY_ENCRYPTION_KEY - cat my_env_var.txt.cpt | base64
2. Commit the above change to a Github branch, which will trigger a Travis CI to run your build with the above commands in your .travis.yml
3. Monitor your travis console log and look for the output from `cat my_env_var.txt.cpt | base64`
4. For example, if the output is ‘Aaabbbccc’, run the following command on your local machine. The 3rd command will prompt you to enter the encryption key, which is the value of MY_ENCRYPTION_KEY from the 3rd command on step 1.
echo `Aaabbbccc` | base64 -d > my_env_var.txt.cpt sudo apt-get install -y ccrypt ccrypt –d my_env_var.txt.cpt cat my_env_var.txt
Another way, instead of logging the content of encrypted file to console, you can upload the encrypted file my_env_var.txt.cpt to a aws s3 bucket, or any other cloud storage, then download the file from there.
References:
https://www.topcoder.com/blog/recover-lost-travisci-variables-two-ways/
https://stackoverflow.com/a/59165606/2069407
Search within Codexpedia
Search the entire web