Encrypting sensitive data
Encrypt your credentials and key files
If you wish to store sensitive information, such as login details or API keys, in environment variables or your configuration file, it is important to encrypt the data to not expose it. You can easily encrypt values and files using the encryption interface in Codemagic.
- Click open your app in Codemagic.
- Click Encrypt variables on the YAML editor window (or click Encrypt environment variables on the right sidebar in the Configuration as code section if you are using the Flutter workflow editor).
- A popup window appears. Paste the value of the variable in the field or upload it as a file.
- Click Encrypt.
- Copy the encrypted value and paste it as the value of the variable.
The encrypted value will look something like this:
If you wish to encrypt a file to add to your workflow, you will first have to base64 encode it and then encrypt the received string. To use the file, you will have to decode it during the build.
On macOS, in order to base64 encode a file and copy the contents to your clipboard, you can run the following command in the terminal:
cat your_file_name.extension | base64 | pbcopy
After the command has been run, you can paste the string from your clipboard to our encryption tool in the Codemagic UI and then save the encrypted string to an environment variable.
Finally, base64 decode it during build time in your scripts section using the following command:
echo $YOUR_ENVIRONMENT_VARIABLE | base64 --decode > /path/to/decode/to/your_file_name.extension