Managing Secrets in a central location: Secret Envs filtering

We’ve just released (the first phase of) a new feature called Secret Envs filtering that enables managing secrets in a central location. Now you can set env vars as secrets from within your Workflows, mask them, and with a Script Step, use secrets from an external vault/company’s own service.

We’ve just released (the first phase of) a new feature called Secret Envs filtering that enables managing secrets in a central location. Now you can set env vars as secrets from within your Workflows, mask them, and with a Script Step, use secrets from an external vault/company’s own service.

So far, by default, all Secrets have been handled on the app level on Bitrise. You can reuse Secret keys across multiple Bitrise apps, even if their corresponding values are different for each app.

From now on, it is possible to set up a Secret that holds the same value for all your apps, and manage that Secret from one location. For example, if all your apps need access to the same API, it makes sense to store the Secret containing the API key in a central location. If the API key ever changes, you only need to change it in that single location and the change applies to all your Bitrise apps.

Setting up such a Secret (or multiple Secrets) requires two things:

  • A central vault or database - such as HashiCorp or Doppler - to store the Secrets. It must be accessible via a CLI.
  • A Script Step to access the central vault/database, pull the Secret and set it to sensitive on Bitrise via Envman.

Read the detailed setup guide here.

No items found.

Explore more topics

App development

Best practices from engineers on how to use Bitrise to build better apps, faster.

Community

Meet other Bitrise engineers, technology experts, power users, partners and join our BUGs.

Company

All the updates about Bitrise events, sponsorships, employees, and more.

Insights

Mobile development, latest tech, industry insights, and interviews with experts.

Mobile DevOps

Learn why mobile development is unique and requires a set of unique practices.

Releases

Stay tuned for the last updates, new features, and product improvements.

Get the latest from Bitrise

Join other Mobile DevOps engineers who receive regular emails from Bitrise, filled with tips, news, and best practices.