DEV Community

loading...

Discussion on: Hide the exported ENV variables from the history

Collapse
franky47 profile image
François Best

You can also use the clipboard, via pbpaste on macOS and xclip on Linux (not sure how to do that on Windows).

Example:

# Copy your NPM deploy token to clipboard, then:
$ travis encrypt $(pbpaste) --add deploy.api_key --com
Enter fullscreen mode Exit fullscreen mode

Then if you call history, you only get

$ history
travis encrypt $(pbpaste) --add deploy.api_key --com
Enter fullscreen mode Exit fullscreen mode

It works wonders for injecting secrets copied from a web browser (tokens, API keys, obtained from an admin panel) in the environment without revealing anything.

Collapse
epranka profile image
Edvinas Pranka Author

Intresting, thanks!

Collapse
jmvallejo profile image
Juan Manuel Vallejo

Thanks for this! It’s what I was looking for