Reputation: 548
In my .travis.yml
configuration, I'd like to set up deployment to different stages (development/production) depending on the branch that triggered the build. I'm using a shell script to deploy, i.e., the script
provider.
The question: I need to pass a different environment variables for different stages (mostly AWS keys). And these variables need to be encrypted when stored in version control. So, I'd like to do something like this:
deploy:
- provider: script
script: ./deploy.sh development
env:
-secure: <encrypted AWS_* variables for dev>
on:
branch: master
- provider: script
script: ./deploy.sh production
env:
-secure: <encrypted AWS_* variables for prod>
on:
branch: release
The env
key can be used only globally, however. Is it possible somehow to specify the environment only for the specific script and not anything else?
Upvotes: 10
Views: 3069
Reputation: 7985
You accomplish this by restricting an environment variable to a specific branch when you define it using the repository settings in the web interface (I don't know how to do this using your .travis.yaml
). You can create multiple variables with the same name so long as they are restricted to different branches. In your case, create AWS_SECRET_FOO
for master
with your dev credential and AWS_SECRET_FOO
for release
with your production credential.
Regardless, it would be awesome if you could define deployment-specific env vars simply for convenience.
Upvotes: 1
Reputation: 405
You could simply include env in the script tag, e.g. as described here.
All that changes when including encrypted envs is that rather than setting envs public you either add them encrypted to version control by travis encrypt MY_SECRET_ENV=super_secret --add
(Reference) or within the travis envs (e.g. via interface). In your case maybe:
deploy:
- provider: script
script: env SUPER_SECRET_AWS_VARS=<encrypted AWS_* variables for dev> ./deploy.sh development
on:
branch: master
- provider: script
script: env SUPER_SECRET_AWS_VARS=<encrypted AWS_* variables for prod> ./deploy.sh production
on:
branch: release
Upvotes: 0