Storing encrypted files in source on CircleCI
Switch branches/tags
Nothing to show
Clone or download
bellkev Merge pull request #1 from sylwit/patch-1
Variables must be exported
Latest commit 9e6a676 Apr 26, 2017
Failed to load latest commit information.
.gitignore Initial commit Jul 20, 2016 Variables must be exported Dec 30, 2016
circle.yml Make yaml parser happy Jul 20, 2016
secret-env-cipher Initial commit Jul 20, 2016


This is a simple example of storing encrypted files in source for use in CircleCI builds.

In this example, the gitignored contents of secret-env-plain are:

export FOO=secret
export BAR=alsosecret

If they are encrypted with openssl aes-256-cbc -e -in secret-env-plain -out secret-env-cipher -k $KEY, and $KEY is set in the CircleCI project, the variables in secret-env-plain will be available in the build.

You could use the same process but replace the openssl command in circle.yml with openssl aes-256-cbc -d -in secret-file-cipher -out secret-file-plain -k $KEY to create plaintext files in the build environment instead of just exporting environment variables.