Using State Tool on CI/CD

To use the State Tool on CI you likely want to be able to do so without any prompting.

Install without prompts

Our install scripts both have the same usage|install.ps1 [-b branch] [-n] [-t] [-f] [-h]

 -b <branch>      Specify an alternative branch to install from (e.g. master)
 -n               Do not prompt for anything, just install and override any existing executables
 -t <path>        Target directory
 -f <filename>    Filename to use
 -h               Shows usage information (what you are currently reading)

For installing on CI you will want to pass the -n flag to bypass any prompts and use default answers. You can further supplement this with the -t and -f flags to manually specify the target directory and executable name.

If you don’t specify the -t or -f flags, the executable is named state.exe and it is installed in /usr/local/bin (Linux)


Execute the following commands in your terminal to download the state tool installation script and silently install the executable as /opt/state_tool/state_cli.exe.

curl -O -s
chmod +x
./ -b master -n -t /opt/state_tool -f state_cli.exe

Authenticate without prompts or passwords

The State tool will use the following environment variables if they are defined:

  • APIKeyEnvVarName - The API key to use for authentication (this is not sufficient if you’re using secrets).
  • PrivateKeyEnvVarName - The private key to use for decrypting secrets.

Obtaining the API Key

Currently, you can only generate an API Key by calling our API directly. You can use the following curl one liner:

curl -X POST "" \
-H "accept: application/json" -H "Content-Type: application/json" \
-H "Authorization: Bearer `state export jwt`" \
-d "{ \"name\": \"APIKeyForCI\"}"

Notice the APIKeyForCI value, feel free to customize it to something more uniquely applicable to your use-case.

Also notice that this uses the State Tool to obtain the authentication token. So you need to ensure that you run this from a terminal where the State Tool is installed and you are authenticated as the user for which you want to generate an API key.

Obtaining the Private Key

Like the API Key you will need to use a terminal that has the State Tool installed, and the intended user authenticated.

Once authenticated, you can find the private key value at <configdir>/activestate/cli-unstable/private.key.

The configdir varies per platform, but in most cases will be at one of:

  • Windows: %HOME%\AppData\Roaming\activestate\cli-unstable\
  • Linux: ~/config/activestate/cli-unstable/
  • macOS: ~/Library/Application\ Support/activestate/cli-unstable/

The private key environment value expects the actual private key value, not the filepath.