将机密存储在Travis中,而不是在github存储库中
[英]Store secrets in Travis, not in github repo
问题描述
I use this guide for ci, bumpversion, upload to pypi: 
我将此指南用于ci,bumpversion,上传到pypi:
https://github.com/guettli/github-travis-bumpversion-pypi https://github.com/guettli/github-travis-bumpversion-pypi
I like it, except that the secret gets stored in the repo. 我喜欢它,除了秘密被存储在仓库中。
Example: https://github.com/guettli/reprec the file secret-files.tar.enc is in the git repo and it looks strange. 例如: https : //github.com/guettli/reprec文件secret-files.tar.enc在git secret-files.tar.enc中,看起来很奇怪。
Open source lovers don't like unparsable binaries like this. 开源爱好者不喜欢这种不可解析的二进制文件。
Is there a way to store the secret in travis instead of github? 有没有办法将秘密存储在travis中而不是github中?
1 个解决方案
解决方案1
3 已采纳 2017-11-30 13:16:38
Yes. 是。 You can set your secret as an environment variable on Travis, and use it in your program. 您可以在Travis上将机密设置为环境变量,并在程序中使用它。 Others can only know "oh, this guy uses a environment variable called PASSWORD !" 其他人只能知道“哦,这个人使用了一个叫做PASSWORD的环境变量!” and they don't know what the value is. 他们不知道这是什么价值。
Only you and Travis CI know. 只有您和Travis CI知道。
See this doc: https://docs.travis-ci.com/user/environment-variables/ 请参阅此文档: https : //docs.travis-ci.com/user/environment-variables/
If you want to store a secret file, you can create a private github repo, and clone it with your github password stored in the env variables. 如果要存储秘密文件,则可以创建一个私有github存储库,并使用存储在env变量中的github密码克隆它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.