Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
`encrypt-file` cannot be used for multiple files #239
It seems impossible to use
One can run the command multiple times on different files, but the later invocation overwrites the secure environment variables, invalidating the earlier encryptions.
$ travis encrypt-file --skip-version-check -K 7b758bbf041361268b192d816d60ec84907106015402f31fdc5ae165fdce0979 -iv 7aaf728695ac967003d5345d9be63924 foo1 travis: version unknown
I don't know where the "version unknown" is coming from.
Each file should have its own set of variables (that's why there's a hash in the var name). Do you have an example for this failing?
Here's an example of encrypting multiple files failing:
Note that I ran
I don't think we can pull the decrypted key and iv values once they are uploaded.
Create an archive of sensitive files, and encrypt this archive. In your
$ tar cvf secrets.tar foo bar $ travis encrypt-file secrets.tar $ vi .travis.yml $ git add secrets.tar.enc .travis.yml $ git commit -m 'use secret archive' $ git push
before_install: - openssl aes-256-cbc -K $encrypted_5880cf525281_key -iv $encrypted_5880cf525281_iv -in secrets.tar.enc -out secrets.tar -d - tar xvf secrets.tar
The management might be a little cumbersome still.
I've added the above workarounds to http://docs.travis-ci.com/user/encrypting-files/#Encrypting-multiple-files.