在 travis-ci 上使用秘密 api 密钥 [英] Using secret api keys on travis-ci
问题描述
I'd like to use travis-ci for one of my projects.
该项目是一个 API 包装器,因此许多测试依赖于秘密 API 密钥的使用.为了在本地进行测试,我只是将它们存储为环境变量.在 Travis 上使用这些密钥的安全方法是什么?
The project is an API wrapper, so many of the tests rely on the use of secret API keys. To test locally, I just store them as environment variables. What's a safe way to use those keys on Travis?
推荐答案
Travis 具有加密环境变量的功能 ("加密环境变量").这可用于保护您的秘密 API 密钥.我已成功将其用于 Heroku API 密钥.
Travis has a feature to encrypt environment variables ("Encrypting environment variables"). This can be used to protect your secret API keys. I've successfully used this for my Heroku API key.
您所要做的就是安装 travis gem,加密您想要的字符串并将加密的字符串添加到您的 .travis.yml 中.加密仅对一个存储库有效.travis 命令获取您的存储库的公钥,然后可以在构建期间解密字符串.
All you have to do is install the travis gem, encrypt the string you want and add the encrypted string in your .travis.yml. The encryption is only valid for one repository. The travis command gets your public key for your repo and can then decrypt the string during the build.
gem install --user travis
travis encrypt MY_SECRET_ENV=super_secret -r my_username/my_repo
这会为您提供以下输出:
This gives you the following output:
Please add the following to your .travis.yml file:
secure: "OrEeqU0z6GJdC6Sx/XI7AMiQ8NM9GwPpZkVDq6cBHcD6OlSppkSwm6JvopTR\newLDTdtbk/dxKurUzwTeRbplIEe9DiyVDCzEiJGfgfq7woh+GRo+q6+UIWLE\n3nowpI9AzXt7iBhoKhV9lJ1MROrnn4DnlKxAEUlHTDi4Wk8Ei/g="
这篇关于在 travis-ci 上使用秘密 api 密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
