I have a Rails app on Github that uses some external API that requires password authentication. Right now I have my credentials for that API in a file that is not in git and some integration tests that use VCR gem, so these tests always fail in Travis because they don't have the credentials for the API. I can't check my VCR cassettes into git because there is still my username in plain text and maybe some other data that would be better not to expose. I guess I could use plain webmock to emulate API responses but I think that would be too cumbersome and error prone.
Is there a way to write tests that use an external API with authentication that would still run on Travis, without exposing my API password on Github?
Your can encrypt your Travis variables using the travis
tool.
You encrypt your variable with travis encrypt FOO=<your passowrd/sensitive data here>
This will print out something like: secure: "djfhfjriwjdncml2948328$+@jdjw"
Then you can use that variable in your envoirmental variables or anywhere else.
For example, if you copy that variable into the environment section, you can securely store your environmental variable.
env:
- secure: "djfhfjriwjdncml2948328$+@jdjw"
Now,the environmental variable FOO Holds your password in a secure manner. To learn more you can read up on this here
I can't check my VCR cassettes into git because there is still my username in plain text and maybe some other data that would be better not to expose.
VCR has support to filter out sensitive data like this:
https://relishapp.com/vcr/vcr/v/2-8-0/docs/configuration/filter-sensitive-data
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With