Install Self-Hosted
Get Started on Cloud
BasicsPipelinesActions & ServicesIntegrationsSelf-HostedYAMLBuddy GitTroubleshootingAPI

Secrets in YAML

  1. Define sensitive data in the GUI with environment variables and use variable keys instead of real values
  2. Encrypt the value using Buddy Encryption Tool and provide the encrypted value in the YAML file

Using encrypted variables in YAML

Here we'll show you how to define a password using encrypted variables in YAML using the example of the SFTP action.

  1. Open the Variables, Keys & Assets tab in your project:

Image loading...Variables tab

  1. Add a new variable and mark it as encrypted:

Image loading...Adding encrypted variable

  1. With the variable defined, you can now use it in the YAML file:

Image loading...YAML configuration

Using encrypted variables in YAML with Buddy Encryption Tool

We shall use the same SFTP action to explain how to define a password with an encrypted value.

  1. Navigate to Project Settings in the left menu. Click on YAML tools and select 'Encrypt sensitive value for YAML':

Image loading...Generating new encrypted value

  1. Provide the input value and click Encrypt. A hash will be generated that you can copy and safely use in your YAML file:

Image loading...Setting new encrypted value

Warning
The salt which is used to encrypt the values is unique for each workspace. If you change it, you will need to change all encrypted values in your YAML files. The value should be changed only when you move your pipelines with the export/import option – either to another workspace, or from Cloud to the self-hosted version.

Last modified on Sep 23, 2024

Previous pageVariable encryptionNext pageData in configuration files