Managing Secrets in a central location: Secret Envs filtering

We’ve just released (the first phase of) a new feature called Secret Envs filtering that enables managing secrets in a central location. Now you can set env vars as secrets from within your Workflows, mask them, and with a Script Step, use secrets from an external vault/company’s own service.

We’ve just released (the first phase of) a new feature called Secret Envs filtering that enables managing secrets in a central location. Now you can set env vars as secrets from within your Workflows, mask them, and with a Script Step, use secrets from an external vault/company’s own service.

So far, by default, all Secrets have been handled on the app level on Bitrise. You can reuse Secret keys across multiple Bitrise apps, even if their corresponding values are different for each app.

From now on, it is possible to set up a Secret that holds the same value for all your apps, and manage that Secret from one location. For example, if all your apps need access to the same API, it makes sense to store the Secret containing the API key in a central location. If the API key ever changes, you only need to change it in that single location and the change applies to all your Bitrise apps.

Setting up such a Secret (or multiple Secrets) requires two things:

  • A central vault or database - such as HashiCorp or Doppler - to store the Secrets. It must be accessible via a CLI.
  • A Script Step to access the central vault/database, pull the Secret and set it to sensitive on Bitrise via Envman.

Read the detailed setup guide here.

No items found.
The Mobile DevOps Newsletter

Explore more topics

App Development

Learn how to optimize your mobile app deployment processes for iOS, Android, Flutter, ReactNative, and more

Bitrise & Community

Check out the latest from Bitrise and the community. Learn about the upcoming mobile events, employee spotlights, women in tech, and more

Mobile App Releases

Learn how to release faster, better apps on the App Store, Google Play Store, Huawei AppGallery, and other app stores

Mobile DevOps

Learn Mobile DevOps best practices such as DevOps for iOS, Android, and industry-specific DevOps tips for mobile engineers

Mobile Testing & Security

Learn how to optimize mobile testing and security — from automated security checks to robust mobile testing and more.

Product Updates

Check out the latest product updates from Bitrise — Build Insights updates, product news, and more.

The Mobile DevOps Newsletter

Join 1000s of your peers. Sign up to receive Mobile DevOps tips, news, and best practice guides once every two weeks.