Jarda Snajdr
Jarda Snajdr

Reputation: 548

Travis CI: How to set environment variables for deployment script only?

In my .travis.yml configuration, I'd like to set up deployment to different stages (development/production) depending on the branch that triggered the build. I'm using a shell script to deploy, i.e., the script provider.

The question: I need to pass a different environment variables for different stages (mostly AWS keys). And these variables need to be encrypted when stored in version control. So, I'd like to do something like this:

deploy:
  - provider: script
    script: ./deploy.sh development
    env:
      -secure: <encrypted AWS_* variables for dev>
    on:
      branch: master
  - provider: script
    script: ./deploy.sh production
    env:
      -secure: <encrypted AWS_* variables for prod>
    on:
      branch: release

The env key can be used only globally, however. Is it possible somehow to specify the environment only for the specific script and not anything else?

Upvotes: 10

Views: 3069

Answers (2)

dcow
dcow

Reputation: 7985

You accomplish this by restricting an environment variable to a specific branch when you define it using the repository settings in the web interface (I don't know how to do this using your .travis.yaml). You can create multiple variables with the same name so long as they are restricted to different branches. In your case, create AWS_SECRET_FOO for master with your dev credential and AWS_SECRET_FOO for release with your production credential.

Regardless, it would be awesome if you could define deployment-specific env vars simply for convenience.

Upvotes: 1

heldic
heldic

Reputation: 405

You could simply include env in the script tag, e.g. as described here.

All that changes when including encrypted envs is that rather than setting envs public you either add them encrypted to version control by travis encrypt MY_SECRET_ENV=super_secret --add(Reference) or within the travis envs (e.g. via interface). In your case maybe:

deploy:
  - provider: script
    script: env SUPER_SECRET_AWS_VARS=<encrypted AWS_* variables for dev> ./deploy.sh development
    on:
      branch: master
  - provider: script
    script: env SUPER_SECRET_AWS_VARS=<encrypted AWS_* variables for prod> ./deploy.sh production
    on:
      branch: release

Upvotes: 0

Related Questions