Submit Your Ideas

We want to hear from you - vote for the features and improvements you'd most like to see, or submit your own ideas if you don't find them already listed.

Branch specific environment variables

We're using circleci to do deployments from the production branch which not everybody has write access to, but since all branches share the same environment, users could actually deploy from non-protected branches by modifying the circle.yml. It'd be great to restrict the production deployment credentials to just the master branch.

  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Mar 19 2018
  • Future consideration
  • Attach files
  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    06 Jun 17:17

    Excellent suggestion. We're facing serious security problem cause of this. We need to set differente environment variables values by branch and set users permissions to not edit/remove master variables. 

     

    It's really important for projects shared with remote developer teams.

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    15 Nov 19:22

    This security concern was also mentioned in "Secure circle.yml file" and "How to protect environment variable from being echo or printed". All other CI providers already provide such feature.