Secret Environment Variables with Drone
This is a basic tutorial on adding environment variables inside your public github repo without letting everyone know your true values. Drone will encrypt your values, and the file .drone.sec will store the encrypted variables.
1. Log into Drone and view/activate your Repo
2. Click on the “Secrets” tab.
Insert your environment variables in YAML format and click Generate
1 2 3 4
environment: - DBUSER: root - DBPASSWORD: password123 - DBDATABASE: newdatabase
3. Create a new file called .drone.sec
Insert the encrypted text that drone rendered for you. This file should be in root directory, next to .drone.yml
4. Inside your .drone.yml config
Insert and match the environment variables as shown
1 2 3 4 5
build: environment: - DBUSER=$$DBUSER - DBPASSWORD=$$DBPASSWORD - DBDATABASE=$$DBDATABASE
Commit and Push your code
Drone will include the environment variables so you can have a public repo, without worrying about your database password being stolen.