Skip to content

shahminfikri/secure-file

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

46 Commits

secure-file

secure-file

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

appveyor.yml

appveyor.yml

 
 

build.cmd

build.cmd

 
 

install.ps1

install.ps1

 
 

install.sh

install.sh

 
 

secure-file.sln

secure-file.sln

 
 

Repository files navigation

secure-file

A small command-line utility for encrypting/decrypting arbitrary files using Rijndael method.

High-level scenario of using this utility in AppVeyor CI environment:

  • Encrypt file on development machine.
  • Commit encrypted file to source control.
  • Place "secret" and "salt" within a secure environment variables.
  • Decrypt file during the build.

System requirements:

  • Windows or Linux
  • .NET Core Runtime 2.0

Encrypting file on development machine

Download secure-file utility by running the following PowerShell command on Windows machine:

iex ((New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/appveyor/secure-file/master/install.ps1'))

To install on Linux:

curl -sflL 'https://raw.githubusercontent.com/appveyor/secure-file/master/install.sh' | bash -e -

To encrypt a file on Windows:

appveyor-tools\secure-file -encrypt C:\path-to\filename-to-encrypt.ext -secret MYSECRET1234

To encrypt on Linux:

./appveyor-tools/secure-file -encrypt /path-to/filename-to-encrypt.ext -secret MYSECRET1234

Encrypted file will be saved in the same directory as the input file, but with the .enc extension added. You can optionally specify output file name with the -out parameter. Also, when encrypting the application will output the salt generated to the console so it can be stored.

After that commit the encrypted file to source control.

Decrypting files during an AppVeyor build

Put the "secret" value and the Base64 encoded "salt" value to the project environment variables on the Environment tab of the project settings or in the appveyor.yml as a secure variable:

environment:
  my_secret:
    secure: BSNfEghh/l4KAC3jAcwAjgTibl6UHcZ08ppSFBieQ8E=
  my_salt:
    secure: H/jNH0Wk6Vs7yLu2BDGCve/8VpHrK54Ry7WTPRqf0OKPeFMPY/qxAD0HDY/2lECY6xOS40LozjLgtLkAZdPdHg==

To decrypt the file, add these lines to the install section of your project config:

install:
  - ps: iex ((New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/appveyor/secure-file/master/install.ps1'))
  - cmd: appveyor-tools\secure-file -decrypt path-to\encrypted-filename.ext.enc -secret %my_secret% -salt %my_salt%
  - sh: ./appveyor-tools/secure-file -decrypt path-to/encrypted-filename.ext.enc -secret $my_secret -salt $my_salt

The line starting with cmd: will run on Windows-based images only and the line starting with sh: on Linux.

Note that file won't be decrypted on Pull Request builds as secure variables are not set during PR build.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license

Code of conduct

Code of conduct
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages

  • C# 93.7%
  • PowerShell 3.6%
  • Shell 1.9%
  • Batchfile 0.8%