Feat: define encrypted/secret environment variables

[DirtyF]

- Do you want to request a feature or report a bug?

It's a feature !

- What is the current behavior?

Not being able to store secret credentials in Netlify

- What is the expected behavior?

Being able to store encrypted credentials to external services like an API key.

[verythorough]

@DirtyF I've been thinking about the same thing! Basically a command to sync the build environment variables stored in Netlify's UI with a local .env file.

[DirtyF]

Truth is this feature was asked by @pixelastic because you need to pass Algolia's credentials 🔑 to build you search index and push it to your account ⬆️ .

[pixelastic]

Thanks for the issue @DirtyF :)

What I was actually looking for was a way to define secret environment variables for public repos.

I can't put them in netlify.toml as they will be publicly visible. I could put them in my env variables through the UI and they will be hidden... until someone submits a PR with a deploy preview and a malicious script to display them.

[bcomnes]

Just to confirm, this request is to specifically support better ENV secrete management in our builds bots, similar to what appveyor and travis have, correct?

[bcomnes]

I definitely agree with you, this is critical. This is a platform level change we are current interested in and tracking. Since this doesn't appear to be specifically related to the CLI, I'm going to close this issue. If I've left something CLI specific unaddressed, please let me know and we can re-open. I'm going to do some research to see how far off this is and if its not coming soon, we can perhaps explore a cli related solution.

[pixelastic]

Just to confirm, this request is to specifically support better ENV secrete management in our builds bots, similar to what appveyor and travis have, correct?

Yes, this is what I was looking for