In fact, there are quite a few solutions to this problem:
File as an environment variable
If the contents of the file are short (for example, a password), you can save the entire file as an environment variable, and then add a line like this to the circle.yaml assembly file:
echo $SECURE_FILE > mySecureFile
Variable replacement
If the contents of the file are large, but only a small part of the file is safe, you can save the file in your code repository, and then use sed to replace the fixed line of the environment variable, for example:
sed -es/SECURE_PASSWORD/${SECURE_PASSWORD}/g mySecureFile.tmpl > mySecureFile
Encrypt file
You can encrypt your configuration file and verify it in your source repository, and then save the decryption key as an environment variable. Decrypt it during the assembly process.
Maven Settings.xml Special Case
In the special case of Maven settings.xml files, you can use environment variables in your settings.xml file so you can do something like this:
- Save your settings.xml in conf / settings.xml
- Replace any protected text with something like this:
${env.MY_SECURE_TEXT} - Set
MY_SECURE_TEXT in CI Circle Setting - In circle.yaml, add '-s conf / settings.xml' to your Maven build commands.