Encrypt Files

Max Korp's Avatar

Max Korp

07 Jun, 2015 07:18 PM

Travis allows encrypting files, not just values: http://docs.travis-ci.com/user/encrypting-files/
This is super useful for adding additional SSH keys etc. I had been trying to take the file content sof a key and encrypt them as an environment variable, and write it to file, but the line endings were mangled. Allowing file encryption would be ideal. I realize tehre's not a command line tool, but just being able to upload the file, and putting it in an "encrypted files" section in the yml would suffice.

  1. Support Staff 1 Posted by Feodor Fitsner on 07 Jun, 2015 08:54 PM

    Feodor Fitsner's Avatar

    Yeah, great suggestion. There is already an item for that: https://github.com/appveyor/ci/issues/261

    - Feodor

  2. Support Staff 2 Posted by Feodor Fitsner on 01 Jul, 2015 10:56 PM

    Feodor Fitsner's Avatar

    It's here! I've just published this: http://www.appveyor.com/docs/how-to/secure-files

  3. 3 Posted by Thomas Fresneau on 17 Aug, 2018 01:53 PM

    Thomas Fresneau's Avatar

    Hi,

    I've followed this guideline http://www.appveyor.com/docs/how-to/secure-files to store sensitive information and retrieve it during the build.
    I've encrypted the file on my dev machine, tested that I can decrypt and retrieve the original file locally.
    However, after setting up Appveyor and running my build, I get an "Error decrypting file. Command exited with code 3".To investigate, I've connected to the build machine and it seems that the environment variable I created for my secret is not present, although I have defined it in the Environment variables section of the project configuration.
    Note also that if I execute the command on the build machine specifying the secret (without trying to get it from the environment variable) it works fine.
    Therefore I am wondering if the install step maybe occurs before the environment variable was created?

    I've attached the appveyor,yml file used for this project.

    Regards,

    Thomas

  4. Support Staff 4 Posted by Owen McDonnell on 17 Aug, 2018 06:16 PM

    Owen McDonnell's Avatar

    Everything looks configured correctly. Environment variables are present at install stage, but they are session specific, which is why when you login and create a new session those environment variables do not show up.
    Do you belong to more than one AppVeyor account? I'm asking in case you are encrypting the secure variable under a different login than the project that you are building.

  5. 5 Posted by Thomas Fresneau on 17 Aug, 2018 06:53 PM

    Thomas Fresneau's Avatar

    I do have access to AppVeyor with 2 accounts (the account owner from which I created this project and another one associated with my personal email address).
    I have tried to encrypt the secret with these 2 different logins and I get the same encrypted secret.
    I have stored this encrypted secret in the Environment tab of the project settings.

  6. Support Staff 6 Posted by Ilya Finkelshte... on 17 Aug, 2018 08:08 PM

    Ilya Finkelshteyn's Avatar

    There is no way encrypted secret can be the same when created from different account. Are you sure you switched between accounts?

  7. 7 Posted by Thomas Fresneau on 17 Aug, 2018 08:13 PM

    Thomas Fresneau's Avatar

    Sorry I was confused by the terminology here (I thought your were talking about users). I am actually using the same account when encrypting the secret and when storing it in the project.

  8. Support Staff 8 Posted by Ilya Finkelshte... on 18 Aug, 2018 12:13 AM

    Ilya Finkelshteyn's Avatar

    You use %secure_file_secret% in PowerShell, but this is CMD environment variable notation. If you decide to use PowerShell it should be $env:secure_file_secret.

  9. Ilya Finkelshteyn closed this discussion on 25 Aug, 2018 02:33 AM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac