From 407feaaeba3e4e5090172b2d7866bc4f96f409a0 Mon Sep 17 00:00:00 2001 From: Brad Rydzewski Date: Thu, 20 Aug 2015 12:42:13 -0700 Subject: [PATCH] documented encrypted variables --- README.md | 2 +- doc/build/env.md | 7 ++++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index e3dc6a661..fe75b3864 100644 --- a/README.md +++ b/README.md @@ -21,7 +21,7 @@ Contributions, questions, and comments are welcomed and encouraged. Drone develo ### Cloning, Building, Running -If you are new to Go, make sure you [install](http://golang.org/doc/install) Go 1.4+ and [setup](http://golang.org/doc/code.html) your workspace (ie `$GOPATH`). Go programs use directory structure for package imports, therefore, it is very important you clone this project to the specified directory in your Go path: +If you are new to Go, make sure you [install](http://golang.org/doc/install) Go 1.5+ and [setup](http://golang.org/doc/code.html) your workspace (ie `$GOPATH`). Go programs use directory structure for package imports, therefore, it is very important you clone this project to the specified directory in your Go path: ``` git clone git://github.com/drone/drone.git $GOPATH/src/github.com/drone/drone diff --git a/doc/build/env.md b/doc/build/env.md index 704dc103d..43f34150e 100644 --- a/doc/build/env.md +++ b/doc/build/env.md @@ -13,7 +13,9 @@ The build environment has access to the following environment variables: ## Private Variables -Drone also lets you to store sensitive data external to the `.drone.yml` and inject at runtime. You can declare private variables in the repository settings screen. These variables are injected into the `.drone.yml` at runtime using the `$$` notation. +You may also store encrypted, private variables in the `.drone.yml` and inject at runtime. Private variables are encrypted using RSA encryption with OAEP (see [EncryptOAEP](http://golang.org/pkg/crypto/rsa/#EncryptOAEP)). You can generate encrypted strings from your repository settings screen. + +Once you have an ecrypted string, you can add to the `secure` section of the `.drone.yml`.These variables are decrypted and injected into the `.drone.yml` at runtime using the `$$` notation. An example `.drone.yml` expecting the `HEROKU_TOKEN` private variable: @@ -29,4 +31,7 @@ deploy: heroku: app: pied_piper token: $$HEROKU_TOKEN + +secure: + HEROKU_TOKEN: ```