TOKEN=xxx1, and CI jobs runs successful.TOKEN=xxx2
echo $TOKEN for debug on circleci.yml and got emptyHow can I do to deal with it?
Circle seems a little finicky with their environment variables. You can add env variables into a job like this:
- environment:
-TOKEN: "xxx2"
Here’s the documentation in case you need more info: https://circleci.com/docs/2.0/env-vars/#adding-environment-variables-to-a-job
Thank you for your advice.
The TOKEN is a private key or something, so I cannot write the environment on job configuration. Once I set the variable on config.yml, however, just for debugging.
I get a comment from CircleCI’s support team. It is caused from job setting and develop flow.
The issue here is that the build in question is coming from a fork PR. In your project settings you have this setting “Pass secrets to builds from forked pull requests” disabled
This is actually a good practice because if you enable it, it will get your fork PR to work, but it also means that anyone with access to fork this repository can potentially have access to all of your secrets if you store them as ENV VARs.