Appveyor secure variable (encrypt/decrypt)

lb.thanh's Avatar

lb.thanh

17 Aug, 2018 02:35 AM

Hi,

I used Tools > Encrypt Data to secure variables defined into appveyor.xml
The first question is:
    What encrypt/decrypt algorithm bebind that tool?
My guess is AppVeyor generated unique password used for encrypt/decrypt.
Like this https://github.com/appveyor/secure-file

Another question is:
From this guide https://www.appveyor.com/docs/how-to/secure-files/
What is format of file when encrypt the content with multi variable keys?
   Ex: secure-file -encrypt <filename.ext> -secret <keyphrase> -out [filename.ext.enc]

I want to decrypt KEY1, KEY2 value during the build process then pass it to python script to do api call to outside service.
[appveyor.xml]
environment:
  KEY1:
     secure: xxxx
  KEY2:
     secure: yyyy
on_success:
- python myscript.py --key1=${KEY1} --key2=${KEY2}

Regards,

  1. 1 Posted by lb.thanh on 17 Aug, 2018 06:00 AM

    lb.thanh's Avatar

    Secure strings feature is currently supported in [environment], [deploy] and [notifications] sections. But how do I run my python script include parameters?

    - python myscript.py --key1=${KEY1} --key2=${KEY2}

  2. Support Staff 2 Posted by Owen McDonnell on 17 Aug, 2018 02:21 PM

    Owen McDonnell's Avatar

    Is this for an Ubuntu or Windows build?

  3. 3 Posted by lb.thanh on 17 Aug, 2018 03:52 PM

    lb.thanh's Avatar

    The worker build is Ubuntu.

  4. Support Staff 4 Posted by Owen McDonnell on 17 Aug, 2018 04:35 PM

    Owen McDonnell's Avatar

    In that case, you should just be able to drop the curly braces. i.e.

    - python myscript.py --key1=$KEY1 --key2=$KEY2
    
  5. 5 Posted by lb.thanh on 17 Aug, 2018 04:43 PM

    lb.thanh's Avatar

    It’s awesome.

    You mean that I don’t need to do decrypt before use secured variable.

    secure-file -decrypt file.enc

  6. 6 Posted by lb.thanh on 17 Aug, 2018 05:24 PM

    lb.thanh's Avatar

    Thank you very much for your support.
    The problem was solved.

    There are many ways to access environment from worker build.
    %var%
    $var
    ${var}

  7. Support Staff 7 Posted by Owen McDonnell on 17 Aug, 2018 06:02 PM

    Owen McDonnell's Avatar

    No problem, glad you got it solved.

  8. Owen McDonnell closed this discussion on 17 Aug, 2018 06:02 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac