If you need to insert sensitive text-based documents or even small binary files into your project in secret it is possible to insert them as an environment variable by leveraging base64 encoding.
Base64 is an encoding scheme to translate binary data into text strings. These values can be inserted as an environment variable and decoded at runtime.
You can encode a file via your command line terminal by feeding it directly to base64.
base64 [option] [file]
To then decode the base64 file from within your container you can run the decode option.
base64 --decode [file]
This article is derived from this documents page: https://circleci.com/docs/1.0/google-auth/