OSS drone.io works with other services in notifications and deployments.
But once you commit a password or authentication token for other services writes in drone.yml, your sensitive data will be public.
The drone provides “secrets” that encrypting your sensitive data. the official documents describe the way using command line tool, however you can generate the secrets on the Web UI.
At first, open your repository setting page on the drone, and select the “SECRETS” tab.
Input your secrets under environment node as yaml files like below.
Generate and copy the output text into “.drone.sec” file on the top level of repository.
Refer the secrets
You can refer the secrets using $$ in .drone.yml. If hipchat notification settings
notify: hipchat: auth_token: $$HIPCHAT_TOKEN room_id_or_name: 'test' notify: true