New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

`travis encrypt` too short #100

Closed
rbpasker opened this Issue Oct 11, 2013 · 10 comments

Comments

Projects
None yet
6 participants
@rbpasker
Copy link

rbpasker commented Oct 11, 2013

I have a 194 character environment variable, but when I try to do a travis encrypt, i get data too large for key size

i'm not sure why there is a size restriction, or how big it is (do i need to do a binary search?), but the fact is that its just too small

compare heroku which allows 16kb for environment variable space, and they have no problem with 194 characters.

https://devcenter.heroku.com/articles/config-vars#limits

@rbpasker

This comment has been minimized.

Copy link
Author

rbpasker commented Oct 11, 2013

on IRC, @henrikhodne made a number of suggestions, such as putting an encrypted file into git, etc., but if bash and heroku let me do it, travis should as well

@roidrage

This comment has been minimized.

Copy link
Contributor

roidrage commented Oct 11, 2013

You're right, we should allow this. Unfortunately, when secure environment variables were implemented, only public key encryption was used. That is what limits the character size currently, which is in turn tied to the bits in the keys.

For the time being, encrypting files would be the recommended way of handling larger values or configurations. Sorry!

@roidrage roidrage closed this Oct 11, 2013

@roidrage

This comment has been minimized.

Copy link
Contributor

roidrage commented Oct 11, 2013

As an aside, we do want to fix the bigger problem at hand, but unfortunately it requires a bit more work, and it's an issue that involves several parts of Travis CI, not just our command line tool.

@rbpasker

This comment has been minimized.

Copy link
Author

rbpasker commented Oct 11, 2013

what is the limit? maybe i can pack more characters in using rad50

@sarahhodne

This comment has been minimized.

Copy link
Contributor

sarahhodne commented Oct 11, 2013

I believe our keys are 1024 bits at the moment, which means 128 bytes, so the entire text to be encrypted (environment variable name + "=" + content) can't be more than 128 bytes.

@rbpasker

This comment has been minimized.

Copy link
Author

rbpasker commented Oct 11, 2013

thanks. i assume this issue has been added to Jira someplace?

@roidrage

This comment has been minimized.

Copy link
Contributor

roidrage commented Oct 11, 2013

We don't have a JIRA, but we do have a fix for this on our internal roadmap.

@eddiejaoude

This comment has been minimized.

Copy link

eddiejaoude commented May 18, 2014

Any movement on this?

@revolunet

This comment has been minimized.

Copy link

revolunet commented Sep 28, 2014

any news on this ?

@rkh

This comment has been minimized.

Copy link
Member

rkh commented Sep 29, 2014

Unfortunately, the size limit is of technical nature and not easy for us to fix in place.

However, we do have two alternative solutions now:

Maybe we should point to those in the error message.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment