Using "secure" variables in Maven test command in Travis *.yml file

Question

So I have a .yml file that contains "secure" variables of some of the encrypted values that I need to pass in to a mvn clean test command.

I have something like

language: java
jdk:
  - oraclejdk8
env:
  global:
    # Output of the command, 'travis encrypt MY_SECRET_KEY=super_secret'
    - secure: Q0LjGCaS2LIB0z1XH1Qx4uAmGgG9mIlsZAtdSGbgd4XwRbWM5zPxaRtoe5YJCt4zeAOu9+TYxpqa5kv5EyizY0zSC8dEZQu6Ur7jfre2FaJ9O0sSq72Cn2cTVVXTEQi+CPnaK/pki/NpDSN6Zt82n7ypgxZOInFT+BtcXDK8ok0=
script: # Did I pass the secured variable correctly in the maven clean test command?
  - mvn clean test -Denvironment=QA -DsecretKey=$MY_SECRET_KEY

I passed the variable name that I used in the original "Travis encryption" command. Please have a look above, is that how we are supposed to pass the encrypted global variable so that its decrypted value gets set in the maven clean test command during a build?

I don't know anything about the maven specifics, but otherwise, yes, you used that as intended. — renefritze, Jan 30 '17 at 08:57

score 0 · Answer 1 · edited May 23 '17 at 12:00

Instead of settings secret variable in command line you can evaluate environment variable in your maven pom.xml,

Please put in your pom.xml definition for this variable

<properties>
    <secretKey>${env.MY_SECRET_KEY}</secretKey>
</properties>

One disadvantage is that when you don't have set MY_SECRET_KEY, maven don't resolve this. But you can look into this question: How can I use a default value if an environment variable isn't set for resource filtering in maven?

Using "secure" variables in Maven test command in Travis *.yml file

1 Answers1