Project Secrets
Retestr allows you to securely store environment variables such as API keys, passwords, and tokens at the project level. These secrets are encrypted at rest and injected into your test runner environment at runtime.
Why use Project Secrets?
- Security: Avoid hardcoding sensitive credentials in your test scripts.
- Convenience: Manage secrets centrally for all your tests within a project.
- Compliance: Secrets are never stored in plain text in the database.
Managing Secrets
- Navigate to Settings -> Project Secrets in the Dashboard.
- Select the Project you want to manage secrets for.
- Click Add Secret.
- Enter the Key (e.g.,
API_TOKEN) and Value. - Click Add Secret.
The secret will be encrypted and stored. You will only see the last 4 characters of the value in the list.
Using Secrets in Tests
Secrets are automatically injected into the process.env of your Playwright test runner. You can access them like any other environment variable.
import { test, expect } from '@playwright/test';
test('login with secret', async ({ page }) => {
await page.goto('https://example.com/login');
await page.fill('#username', 'admin');
await page.fill('#password', process.env.MY_SECRET_PASSWORD); // Injected from Project Secrets
await page.click('#submit');
await expect(page).toHaveURL(/dashboard/);
});
Security Implementation
- Encryption: Secrets are encrypted using AES-256-GCM before being stored in the database.
- Injection: The runner receives decrypted secrets only when executing a job for the specific project.
- Logging: Secrets are redacted in logs where possible, but be careful not to log
process.envdirectly.