Overview

When using TestDriver to test your application, you may need to securely store and use sensitive information such as usernames, passwords, API keys, or other secrets. Every DevOps platform provides a secure way to manage these secrets, ensuring they aren’t exposed in your test files or logs.

Why use secrets?

  • Security: Secrets are encrypted and stored securely in your DevOps platform.
  • Masking: TestDriver automatically masks secrets in all test output, including debugging logs.
  • Reusability: Secrets can be reused across multiple workflows and test files.

Step 1: Replace hardcoded secrets in test files

To securely use secrets in your TestDriver test files, replace hardcoded values with placeholders in the format ${TD_YOUR_SECRET}. TestDriver will parse and mask any secrets that begin with TD_.

Example test file

login.yaml
version: 6.0.0
steps:
  - prompt: sign in with username and password
    commands:
      - command: focus-application
        name: Google Chrome
      - command: hover-text
        text: Email or phone
        description: email input field
        action: click
      - command: type
        text: ${TD_USERNAME}
      - command: hover-text
        text: Next
        description: next button after entering email
        action: click
      - command: hover-text
        text: Password
        description: password input field
        action: click
      - command: type
        text: ${TD_PASSWORD}
      - command: hover-text
        text: Log In
        description: log in button
        action: click

Step 2: Add secrets to DevOps platform

In this example we’ll use GitHub Actions, but the process is similar for other platforms like GitLab CI/CD, CircleCI, or Jenkins.
  1. Navigate to your GitHub repository.
  2. Go to Settings > Secrets and variables > Actions.
  3. Click New repository secret.
  4. Add your secrets (for example, TD_USERNAME, TD_PASSWORD, TD_API_KEY).
For detailed instructions, refer to the GitHub Docs on using secrets.

Step 3: Supply secrets to TestDriver CLI

When running TestDriver tests via the CLI in GitHub Actions, supply your secrets in the env section of the workflow step.

Adding secrets to CI

Check out our authentication page to see how to add secrets in your CI workflow.

Best practices

  • Use Descriptive Names: Name your secrets clearly (for example, TD_USERNAME, TD_PASSWORD) to make them easy to identify.
  • Rotate Secrets Regularly: Update your secrets periodically to enhance security.
  • Limit Access: Only provide access to secrets for workflows and team members that require them.

To ensure all secrets are masked in logs, use the TD_ prefix.

Notes

  • Secrets are encrypted and only accessible during the workflow run.
  • TestDriver automatically masks secrets in test output to prevent accidental exposure.
  • For additional security, avoid hardcoding sensitive information in your test files or workflows.