Encrypting Environmental Variables with AppVeyor

In a previous post, I outlined the use of environmental variables with AppVeyor to pass along sensitive information. It appears there’s an alternative method that negates the need to use this workaround. I spotted it while reading a snazzy post entitled A PowerShell Module Release Pipeline by Warren (the PSCookieMonster) and his usage of an encrypted variable for his PowerShell Gallery API key.

AppVeyor offers secure variables and has written up details here on the process. You can stash these directly into the appveyor.yml file. The secure variables are decrypted by the account’s unique key during the testing process.

In order to create a secure variable, navigate to Account > Encrypt Data.

encrypt-data-appveyor

From here, enter the value to encrypt. The results and a sample appveyor.yml snipet will be generated.

encrypt-config-data-appveyor-example

You can now place that encrypted value directly into the project’s repository without having to fret over plain text details being out in the wild. This is handy for using something like the API key value that Warren showcased, or in my usage, securing a test account and test IP address for validating Pester tests. Just make sure to avoid showing what the value of the encrypted variable is during the build process (don’t echo it to the console or report it anywhere in the results).

Next Steps

Please accept a crisp high five for reaching this point in the post!

If you’d like to learn more about Continuous Integration, or other modern technology approaches, head over to the Guided Learning page.

If there’s anything I missed, please reach out to me on Twitter. Cheers! 🙂