How can I decrypt secure env variables?

use*_*521 22 travis-ci

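I have some secure (encrypted) env variables in my .travis.yml. Now I need to decrypt those variables to use them in a different project.

Is there an easy way to do this (other than triggering a commit and printing them in the console output)?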

Dan*_*ith 25

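You can't decrypt them locally, from what I understand, but you can recover the keys/values. By nature, they have to be decrypted in order to be used in the build process.

  1. Go to the last build of the current project.
  2. Select "Debug Build".
  3. SSH into the instance using the provided user and host ***********@to2.tmate.io
  4. Once in the remote shell, run env.

This will print all of the environment variables, so you will have to dig a bit for your secure variables, but they will be there.

  • 5. You can directly use the decrypt command from your `.travis.yml` to reveal your secrets. A command such as `openssl aes-256-cbc -K $encrypted_..._key -iv $encrypted_..._iv -in secrets.tar.enc -out secrets.tar -d` (2 upvotes)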

evg*_*hev 18

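I don't think you can decrypt it. The public key is used to encrypt the data, and it can only be decrypted with the private key, which Travis does not provide.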


Ray*_*Luo 7

Daniel's answer here would probably work, but it relies on the Debug Mode of Travis CI, which is disabled for public repositories by default, due to security concerns.

There is actually another way to do it. It is inspired by, and simplified from this blog post "RECOVER LOST TRAVISCI VARIABLES – TWO WAYS".

Some explanation first:

  • Why is it possible? Because Travis-CI would have to decrypt it into plain text and set it as an environment variable, for it to work on their machine. That is your chance to recover it.
  • Yet echo $SECRET would NOT reveal it from console log, because Travis-CI scans all the stdout and filters that particular value. (Duh.) That's not a bad thing at all, because you won't want your recovered secret shown in the console log available to the world anyway. The solution is to encrypt it with another KNOWN_SECRET, with the help of a command line tool ccrypt which you would need to install.
  • Lastly, you need another tool to encode the encrypted secret, for it to be shown as normal characters in console log. Command line tool base64 comes in handy, as it is already available on Travis CI's build machines, and in your local git bash (if you are using git on Windows) or in your shell (if you are using Linux).

TL;DR: As easy as 1-2-3!

  1. Add or modify your .travis.yml to contain the following content.

```yaml
sudo: required
install:
  - sudo apt-get install -y ccrypt
  # Write the secret to a file, then encrypt that file with a key you know
  - echo "$UNKNOWN_SECRET" > info.txt
  - ccencrypt info.txt -K "$KNOWN_SECRET"
  # Print the encrypted file as base64 so it shows up as normal characters
  - cat info.txt.cpt | base64
```

  2. Commit the above change to an experimental branch, and trigger a Travis CI run. Browse the console log, to find that line of output, say, A1B2C3D4....

  3. On your local machine, run this:

```bash
echo "A1B2C3D4..." | base64 -d > info.txt.cpt
sudo apt-get install -y ccrypt  # If you haven't already
ccrypt -d info.txt.cpt
# When prompted, type in the KNOWN_SECRET, and then you will have info.txt in plain text
```
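A defensive counterpart to the answer above, as an added example that is not part of the original answer: a Python check a reviewer could run over a proposed `.travis.yml` to flag build steps that write a secure variable to a file or pass secret-derived data to an encoder or cipher, which is the pattern that gets past exact-value log masking. The names in `SECURE_VARS`, the tool list in `ENCODERS` and the `audit` function are assumptions made for this example, and the sample YAML is constructed.

```python
import re

# Constructed sample: the build steps from the answer above plus two ordinary ones.
SAMPLE_TRAVIS_YML = """\
sudo: required
install:
  - sudo apt-get install -y ccrypt
  - echo $UNKNOWN_SECRET > info.txt
  - ccencrypt info.txt -K $KNOWN_SECRET
  - cat info.txt.cpt | base64
script:
  - echo "building $TRAVIS_BRANCH"
  - ./deploy.sh
"""

# Assumption: names of the repository's secure variables, supplied by the reviewer.
SECURE_VARS = {"UNKNOWN_SECRET", "KNOWN_SECRET"}

# Assumption: illustrative list of tools whose output no longer matches the masked value.
ENCODERS = re.compile(r"\b(base64|xxd|od|hexdump|openssl|gpg|ccrypt|ccencrypt)\b")
VAR_REF = re.compile(r"\$\{?([A-Za-z_][A-Za-z0-9_]*)")
REDIRECT = re.compile(r">>?\s*([^\s|;&>]+)")
STEP = re.compile(r"^\s*-\s+(.*)$")


def audit(yml_text, secure_vars):
    """Return (line_number, reason, command) for steps that move secrets past masking."""
    findings = []
    tainted_files = set()  # files that have received a secure value
    for lineno, line in enumerate(yml_text.splitlines(), 1):
        step = STEP.match(line)
        if not step:
            continue
        cmd = step.group(1)
        used = {v for v in VAR_REF.findall(cmd) if v in secure_vars}
        # Substring match so derived names such as info.txt.cpt stay tainted.
        touched = {f for f in tainted_files if f in cmd}
        target = REDIRECT.search(cmd)
        if used and target:
            tainted_files.add(target.group(1))
            findings.append((lineno, "secure variable written to file", cmd))
        if (used or touched) and ENCODERS.search(cmd):
            findings.append((lineno, "secret-derived data passed to encoder/cipher", cmd))
    return findings


if __name__ == "__main__":
    for lineno, reason, cmd in audit(SAMPLE_TRAVIS_YML, SECURE_VARS):
        print(f"line {lineno}: {reason}: {cmd}")
```

The check is a line-based heuristic, so a hit is a prompt for manual review of the change rather than a verdict.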