Secrets in YAML
- Define sensitive data in the GUI with environment variables and use variable keys instead of real values
- Encrypt the value using Buddy Encryption Tool and provide the encrypted value in the YAML file
Using encrypted variables in YAML
Here we'll show you how to define a password using encrypted variables in YAML using the example of the SFTP action.
- Open the Variables, Keys & Assets tab in your project and click Add to create a new variable:
Image loading...
- Add a new variable and mark it as encrypted:
Fill in the Name
and Value
fields, then check the Masked
option to encrypt the variable.
You can also check Settable
if the variable is to be overwritten.
Select the Scope (Workspace, Project, Pipeline) and optionally add a description.
Finally, click Add this variable
, to save the variable.
Image loading...
- With the variable defined, you can now use it in the YAML file:
Image loading...
When you define a variable and use it in a YAML file, Buddy automatically encrypts sensitive data such as passwords – as shown in the second image.
Image loading...
Using encrypted variables in YAML with Buddy Encryption Tool
We shall use the same SFTP action to explain how to define a password with an encrypted value.
- Navigate to the YAML tab of the pipeline. Click on Helpers and select
Encrypt
:
Image loading...
- Enter the value and click Insert value to automatically add the encrypted string to the configuration, or use Copy value to copy it manually and paste it into the YAML file.
Image loading...
Last modified on Jul 4, 2025