[ACCEPTED]-Using secret api keys on travis-ci-travis-ci

Accepted answer
Score: 100

Travis has a feature to encrypt environment 10 variables ("Encrypting environment variables"). This can be used to protect 9 your secret API keys. I've successfully 8 used this for my Heroku API key.

All you 7 have to do is install the travis gem, encrypt 6 the string you want and add the encrypted 5 string in your .travis.yml. The encryption is only 4 valid for one repository. The travis command gets 3 your public key for your repo and can then 2 decrypt the string during the build.

gem install --user travis
travis encrypt MY_SECRET_ENV=super_secret -r my_username/my_repo

This 1 gives you the following output:

Please add the following to your .travis.yml file:

  secure: "OrEeqU0z6GJdC6Sx/XI7AMiQ8NM9GwPpZkVDq6cBHcD6OlSppkSwm6JvopTR\newLDTdtbk/dxKurUzwTeRbplIEe9DiyVDCzEiJGfgfq7woh+GRo+q6+UIWLE\n3nowpI9AzXt7iBhoKhV9lJ1MROrnn4DnlKxAEUlHTDi4Wk8Ei/g="
Score: 7

according to this in travis ci documentation 7 it's said that :

If you have both the Heroku 6 and Travis CI command line clients installed, you 5 can get your key, encrypt it and add it 4 to your .travis.yml by running the following 3 command from your project directory:

travis encrypt $(heroku auth:token) --add deploy.api_key

refer 2 to the following tutorial to install heroku client according 1 to your OS

Score: 5

You can also define secret variables in repository settings:

Variables 10 defined in repository settings are the same 9 for all builds, and when you restart an 8 old build, it uses the latest values. These 7 variables are not automatically available 6 to forks.

Define variables in the Repository 5 Settings that:

  • differ per repository.
  • contain sensitive data, such as third-party credentials.

To define variables in Repository 4 Settings, make sure you’re logged in, navigate 3 to the repository in question, choose “Settings” from 2 the cog menu, and click on “Add new variable” in 1 the “Environment Variables” section.

Score: 0

Use a different set of API keys and do it 6 the same way. Your travis box gets setup 5 for your build run and then completely torn 4 down again after your build has finished. You 3 have root access to your box during the 2 build, so you can do whatever you want with 1 it.

More Related questions