Secret Env Vars and (Generic) File Storage files: control whether it's available in Pull Request builds

From Guido Marucci Blas on 2016/02/03 15:08:20 +0000

Currently secret env variables are not available for any PR no matter if it is an internal PR or a PR from a forked repo. I would be nice to have grained control over this and allow secret en variables to be visible for PR from the same repo.

Copied from original feature request: http://bitrise.uservoice.com/forums/235233-general/suggestions/11701587-make-secret-env-variables-available-for-prs-from-t

1 Like

From James Courtoy on 2016/08/23 18:09:23 +0000

It would also be nice to allow them for private Github repositories. Perhaps as an option on the Bitrise project that can explicitly enable private vars.

From Bitrise on 2016/07/11 20:27:26 +0000

Security note: https://blog.travis-ci.com/2016-07-07-security-advisory-encrypted-variables

I’d say the best would be to have a toggle for this feature, whether you want to expose Secrets for PR builds or not, instead of only supporting it for pull requests from the same repository.

Might want to make the expose toggle per secret, rather than global. I don’t have a use case, just suggesting that you think about it.

1 Like

Thanks for the feedback, I definitely agree :+1:

Note: the same option should be available for Bitrise File Storage download URLs.

Enable/disable whether a specific file should be available for pull request builds.

Defaults: default should be “yes” (expose) for files, and “no” (don’t expose) for secrets - basically how it works today.

We’re glad to announce that this feature is now available in production on bitrise.io :tada:

Related Changelog / announcements :

Thank you all for your comments and inputs, as wall as for your votes, it helped us a lot to deliver the right feature the right way :slight_smile:

1 Like