Skip to content

Instantly share code, notes, and snippets.

@scribu

scribu/generate-key-mac.sh

Forked from floydpink/travis-secure-key-mac.sh
Last active September 7, 2016 14:43
Show Gist options
  • Star 4 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save scribu/6241271 to your computer and use it in GitHub Desktop.
Save scribu/6241271 to your computer and use it in GitHub Desktop.
Download ZIP
Generating secure environment variables for GitHub deployment keys to be used from a Travis-CI build.
Raw
generate-key-mac.sh
#!/usr/bin/env bash
# On OS X, use this script to generate an encrypted deployment key for Travis CI.
# Dependencies:
# gem install travis
# brew install coreutils
if [ $# -lt 1 ]; then
echo "usage: $0 <user>/<repo>"
exit 1
fi
REPO=$1
KEY_DIR=/tmp/travis-deploy-key
mkdir -p $KEY_DIR
echo "Generating key pair..."
ssh-keygen -q -f $KEY_DIR/id_rsa -P ''
echo "Encrypting private key..."
base64 --break=0 $KEY_DIR/id_rsa > $KEY_DIR/id_rsa_base64
ENCRYPTION_FILTER="echo \$(echo \"- secure: \")\$(travis encrypt \"\$FILE='\`cat $FILE\`'\" -r $REPO)"
gsplit --bytes=100 --numeric-suffixes --suffix-length=2 --filter="$ENCRYPTION_FILTER" $KEY_DIR/id_rsa_base64 id_rsa_
echo
echo "1. Add the above lines to your .travis.yml file."
echo "2. Call read-key.sh from your .travis.yml file."
echo "3. Add $KEY_DIR/id_rsa.pub as a deploy key to the destination Github repo."
Raw
read-key.sh
# To reconstitute the private SSH key from within the Travis-CI build (typically from 'before_script')
echo -n $id_rsa_{00..30} >> ~/.ssh/id_rsa_base64
base64 --decode --ignore-garbage ~/.ssh/id_rsa_base64 > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
echo -e "Host github.com\n\tStrictHostKeyChecking no\n" >> ~/.ssh/config
@scribu
Copy link
Author

scribu commented Aug 15, 2013

Used for http://github.com/wp-cli/wp-cli

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment