Keep marker in YAML * private / secure * file (Coveralls.io)

Question

Keep marker in YAML * private / secure * file (Coveralls.io)

I am on Coveralls.io and he says:

If you intend to provide coverage data through a private CI or command line other than Travis Pro, add the following line to your .coveralls.yml:
repo_token: k8hiVxiMr6UyolotPFQerkKWwOoYfbB
Note. It is forbidden to publish a repository token.

My question is: what is the best way to include this token in a file .coveralls.yml, but make it private?

One might not have to check .coveralls.ymlfor version control, but it seems very inconvenient. In addition, this can accidentally lead to version control, and then it will be bad.

Another idea would be to make it an env variable, but then how do I read it in YAML? How will this work on CI / CD servers? This is not true.

So what am I doing?

+4

token access-token coveralls

Alexander Mills Jun 27 '17 at 2:31

source share

1 answer

Oluwafemi sule · Answer 1 · 2017-10-11T10:36:37+0000

TL; DR;

Export COVERALLS_REPO_TOKENas an environment variable in a job on your CI server.

In documents

When using CircleCI, Jenkins, Semaphore or Codeship, you must either include your repo token in the .coveralls.yml file, or if you do not want it under source control , install it in the assembly configuration, as described in the "Test Commands" section ( CircleCI) or "Build Commands" (Semaphore) in the project settings:
COVERALLS_REPO_TOKEN=asdfasdf bundle exec rspec spec

Keep marker in YAML * private / secure * file (Coveralls.io)

More articles: