Travis encrypt vars not decoded properly gibberish=[secure]

Question

I'm trying to use some encrypted vars with travis-ci.com and they are not decoding properly when travis executes a build from a commit. You can see when it does the export it's just a gibberish VAR.

The Setup:

1. Running on Ubuntu: buster/sid
2. I've installed ruby-full
3. I've gem installed travis: 1.8.8
4. I've pulled my repo and I'm doing the encryption commands in the folder with .travis.yml
5. It asked me to verify it had the proper repo the first time I ran the encrypt command.
6. I expect I'm getting the proper public key, but it sure doesn't look like it.
7. This is all happening in a docker container.
8. I'm committing to master. No pull request.

Other things I've tried or screwed up already:

1. Single quotes around the var.
2. Multiple vars or missing dash. Having multiple vars changes the format slightly in that they have a "-" in front of secure. The line would then look like: - secure INXfNQealZn84xzQ6M0g...
3. Ran the encryption in the wrong repo folder.

Commands used to generate MYVAR:

root@31ee1eba15d3:~/tigelane/stuff# travis encrypt MYVAR="somestuff" --add env.global
root@31ee1eba15d3:~/tigelane/stuff# tail -3 .travis.yml
env:
  global:
    secure: INXfNQealZn84xzQ6M0gyhqPOeF1GhOZ8g7V6bqqqZbbgPsW1eOUntJOMo/uilvG8j6BbV3SW8kiDjmH4TjrTCKJ4hevzunoKumXXGpiYQNj74LsCPgyiohebyWgf4cP/F71ay6vHzghfGYAnu2svBMHKIFTj8s8aOCVDIo/ntsmkeeRVfOMMMNFbNQEHTqSw0981xYdrMVrISFw/BgEHia0PQn7Ll9YUN0/lQ9AFamyrflfp8dS3toP0fZiPnfgxIaENXS1wsQkCheday6quyAG8j6LE9YUHLq4Yzv5ZyRp/aOivugc8MKA+qAcFGpwhrcAGz5Rbo9lNXFnrcF93mqBs2FO0OLOWExjBryPH5shO/YWGNYWDX8cykOC4+AXmlUMcsgIHihKXSHB0E5Qo+dFyVKKSeLfpLOVHg+utf1thm9pxhW2DGynqCktHS26Bnfhr5Hay2CCYrv+eI8E5sv8ZzqRPDNdtuCsIxO1+UCVfavp9BDW3YxtZg44TNR+fA258SFa7KZtJtG95kOPNwWnBJQiITuu85OjY36pCwsJX0vq883RAOA/jIdNn+eYsyvyHi5cfQGUPD3HGLh9+zN+LQURXHrYu6tfjPjcIk83c37MtGEfmYcwgLzAxYL61SXJbr0IIEVc1x3+sqI72mUtHwsyUxmgpoGVoyZcJrg=

Output I get in the Travis Job log:

Setting environment variables from .travis.yml
$ export sqI72mUtHwsyUxmgpoGVoyZcJrg=[secure]

Output I expected in the Travis Job log:

Setting environment variables from .travis.yml
$ export MYVAR=[secure]

Answer 1

You've forgotten a dash:

env:
  global:
    - secure: INXfNQe…

See https://docs.travis-ci.com/user/environment-variables/#defining-encrypted-variables-in-travisyml

Answer 2

I know the solution, at least in my case. When you use travis encrypt. You should specify whether you're running on the travis-ci.com domain or not. If you are and using like a public github linked to a travis integration. You need to use the --com parameter

Example:

travis encrypt --com "MYVAR='something'"

This gives the correct output. In the manual it doesn't give enough status to this flag, so I glossed over it at first not really sure what it did. Apparently it's because it has a different encryption key.