Skip to content

Instantly share code, notes, and snippets.

@denzhel

denzhel/travis_ci_list_variables.md

Created June 22, 2022 19:27
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save denzhel/64edf3cc56745d57b9bfae35c15e2051 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save denzhel/64edf3cc56745d57b9bfae35c15e2051 to your computer and use it in GitHub Desktop.
Download ZIP
check travisCI secured env variables
Raw
travis_ci_list_variables.md

I wrote a short script that requires a GitHub PAT(personal access token) from your account and checks if the supplied env is configured as a secure env variable in the repository's travisCI settings:

#!/bin/bash
# list all travisCI repositories and check the configured secured env variables

# decalre and check some variables
if [ -z "${GITHUB_TOKEN}" ]; then
	echo "ERROR: GITHUB_TOKEN variable was not provided"
	exit 1
fi
VARIABLE_TO_CHECK="$1"
if [ -z "${VARIABLE_TO_CHECK}" ]; then
	echo "ERROR: please provide a travis env variable"
	exit 1
fi


# login and token
echo "INFO: logging to Travis CI api"
if ! travis login --pro --github-token "${GITHUB_TOKEN}"; then
	echo "ERROR: travis could not login to the account for some reason"
	exit 1
else
	echo "INFO: login successful"
	echo "INFO: generating Travis CI token"
	TOKEN=$(travis\
		token\
		--pro)
	if [ "$?" != "0" ];  then
		echo "ERROR: token could not be generated"
		exit 1
	else
		echo "INFO: token generated successfully"
	fi
fi

# get all repos that this user can access
GET_ALL_REPOS=$(curl -s \
	-H "Travis-API-Version: 3" \
	-H "Authorization: token ${TOKEN}" \
	https://api.travis-ci.com/repos \
	| jq -r '.repositories | .[]')
GET_ALL_REPO_NAMES=$(echo "${GET_ALL_REPOS}" | jq -r '.name')

# for each repo, print the enviormental variables
if [ -z "${GET_ALL_REPO_NAMES}" ]; then
	echo "ERROR: could not get list of repos"
	exit 1
else
	echo "INFO: getting the travis CI repo id and the configured env variables for each repo"
	for REPO in ${GET_ALL_REPO_NAMES}
	do
		# get the repo's travis id
		REPO_ID=$(echo "${GET_ALL_REPOS}" \
			| jq 'select(.name=="'"${REPO}"'").id')
		if [ -z "${REPO_ID}" ]; then
			echo "WARN: repo id is empty, skipping"
			continue
		else
			# get the repo's configured env variables
			REPO_CONFIGURED_ENV_VARIABLES=$(curl -s \
			-H "Travis-API-Version: 3" \
			-H "Authorization: token ${TOKEN}" \
			https://api.travis-ci.com/repo/"${REPO_ID}"/env_vars \
			| jq -r '.env_vars | .[].name')
			
			# check if provided variable is configured for the current repo
			if echo "${REPO_CONFIGURED_ENV_VARIABLES}" | grep -qw "${VARIABLE_TO_CHECK}"; then
				echo "BINGO: The variable ${VARIABLE_TO_CHECK} is configured in ${REPO}"
			fi

		fi

	done
fi

Usage:

GITHUB_TOKEN=ghp_<hash> ./<scriptName> <variableName>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment