问题
I encrypted my .env file, and I now have a .env.enc file. How does my team decrypt this?
I got this response when I encrypted the file, and it is stored in my .travis.yml file
openssl aes-256-cbc -K $encrypted_cf94abc85bdc_key -iv $encrypted_cf94abc85bdc_iv -in .env.enc -out .env -d
I tried that on the terminal and this I just get:
iv undefined
I tried decrypting with the travis-cli:
travis encrypt-file .env.enc .env -d
I just get this:
key must be 64 characters long and a valid hex number
I tried it with the key and iv
travis encrypt-file .env.enc .env -d -K $encrypted_cf94abc85bdc_key -iv $encrypted_cf94abc85bdc_iv
I checked if the travis env variables exist, and they do:
encrypted_cf94abc85bdc_key=[secure]
encrypted_cf94abc85bdc_iv=[secure]
回答1:
Your file is probably decrypted somewhere during the build on Travis. It might be easiest to add a deploy step to the build, so the .env file is uploaded to a place where you can download it yourself.
For details on how to deploy files, check this link or this one specifically for github
Here's a short sample of what I did ;)
in .travis.yml
before_install:
// Somewhere your files are being decrypted
openssl aes-256-cbc -K $encrypted_cf94abc85bdc_key -iv $encrypted_cf94abc85bdc_iv -in .env.enc -out .env -d
// Add a deploy step, which allows you which files to upload
deploy:
file:
- .env /* add the file here, so it will be pushed to github */
api_key: $apikey
on:
repo: <your github repo>
回答2:
Check the output of travis encrypt-file !
Especially the first line:
encrypting <filename> for <repository name>
[..]
You need to be in the correct repo (and use --com if needed) to be sure that Travis will find the generated values it later needs.
来源:https://stackoverflow.com/questions/39460636/travis-ci-decryption-of-encrypted-files