You might have API keys and other secrets that your app needs to consume — either at run time or during a build. However, you might not want to check these secrets into your source code to make them available to your app.
In order to securely propagate your credentials to your build and app, buddybuild provides three sets of variables that you can define:
Let’s get started with Secure Files!
Step 1: Upload a Secure File to buddybuild
Launch the buddybuild dashboard and select App Settings.
In the left navigation, select Build settings, then Secure files.
Select the file you would like to upload and select Upload file
Your file is now ready to be consumed by your app.
Step 2: Consume the secure file in your build
Your secure files are automatically consumed by tools that are expecting them.
2a. Consume in your custom build scripts.
If you would like to access them in your custom build scripts, use the bash variable expansion syntax.
2b. Consume in Android
If you are building an Android app with Gradle (Android Studio),
you can also access them 2 ways inside your
You can access them via
System.getenv(), like this:
signing.keyId=1234567 signing.password=secret signing.secretKeyRingFile= new File(System.getenv("BUDDYBUILD_SECURE_FILES") + "/secring.gpg")
That’s it! For more details, refer to our SDK API guide.