How to insert files as environment variables

Inserting files with Base64

If you need to insert sensitive text-based documents or even small binary files into your project in secret, it is possible to insert them as an environment variable by leveraging base64 encoding.

Base64 is an encoding scheme to translate binary data into text strings. These values can be added to a context or inserted as an environment variable and decoded at runtime.

Encoding your file

You can encode a file via your command line terminal by feeding it directly to base64.

base64 [option] [file]

Note: If you are encoding a file (whether it be a large file or a "binary") for use as a CircleCI environment variable, you should pass the -w 0 option to the command so newlines aren't present in the resulting base64, which will be converted to spaces when added to CircleCI.

Adding your file as an environment variable

You can add the newly encoded file as an environment variable to your project or as a context, depending on your preference.

Environment variables can be configured in the UI under "Project Settings":

project-settings-env-var-v2.png

Contexts can be configured under "Organization Settings":

org-settings-contexts-v2.png

 

Decoding your file within your container

To decode the base64 file from within your container you can use the --decode option.

base64 --decode [file]

If your file is stored as an environment variable, you can pipe it directly to the base64 command to be decoded, storing the result in a file:

echo "$ENV_VARIABLE_NAME" | base64 --decode > filename.txt

If your file is stored as a context, you will also need to add the context to your workflows for the job in which you want to decode your file.

Additional Resources

Was this article helpful?
9 out of 20 found this helpful

Comments

0 comments

Article is closed for comments.