How to have sensitive data like API credentials included in the build but not part of public repository


#1

Hi!

I’d like to test my package that connects to Box with API credentials. Even though this API key is generated purely for a developer account and there’s nothing to be done with it, it would be nice if I didn’t have to make it part of a public repository. Is there a way to get a client id, client secret, public and private key onto the deployment test machine without including it in the public repository that travis will clone?


#2

I’ve discovered Environment variables, I think they’ll be suited for this.


#3

Use secret environment variables in Travis settings.