Secrets in YAML

1. Define sensitive data in the GUI with environment variables and use variable keys instead of real values
2. Encrypt the value using Buddy Encryption Tool and provide the encrypted value in the YAML file

Using encrypted variables in YAML

Here we'll show you how to define a password using encrypted variables in YAML using the example of the SFTP action.

1. Open the Variables, Keys & Assets tab in your project and click Add to create a new variable:

Image loading...

2. Add a new variable and mark it as encrypted:

Fill in the Name and Value fields, then check the Masked option to encrypt the variable. You can also check Settable if the variable is to be overwritten. Select the Scope (Workspace, Project, Pipeline) and optionally add a description.

Finally, click Add this variable, to save the variable.

Image loading...

3. With the variable defined, you can now use it in the YAML file:

Image loading...

When you define a variable and use it in a YAML file, Buddy automatically encrypts sensitive data such as passwords – as shown in the second image.

Image loading...

Using encrypted variables in YAML with Buddy Encryption Tool

We shall use the same SFTP action to explain how to define a password with an encrypted value.

1. Navigate to the YAML tab of the pipeline. Click on Helpers and select Encrypt:

Image loading...

2. Enter the value and click Insert value to automatically add the encrypted string to the configuration, or use Copy value to copy it manually and paste it into the YAML file.

Image loading...