Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
#!/bin/bash
set -e
if [ -z "$GITHUB_TOKEN" ]; then
echo ""
echo "GITHUB_TOKEN environment variable is missing"
echo ""
echo "TRAVIS DEPLOY KEY GENERATOR"
echo ""
echo "What it does : generate a new private and public key, add the public key as a deploy key
with write access to the origin remote github repository, encrypt the private key as
github_deploy_key.enc and add the configuration necessary to use it in .travis.yml file"
echo ""
echo "Use it like this:"
echo ""
echo " GITHUB_TOKEN=\`cat ~/secret/GITHUB_TOKEN\` ./generate_travis_deploy_key"
echo ""
echo "where ~/secret/GITHUB_TOKEN is a file containing a github token with write access to the current repository : (origin)"
echo ""
echo "You must have the travis executable installed on your system and available in the PATH"
echo ""
exit
fi
url="$(git config --get remote.origin.url)"
reponame="$(echo $url | cut -d/ -f2 | cut -d. -f1)"
# generate a new private and public key
ssh-keygen -t rsa -b 4096 -f github_deploy_key -N '' -C $url -q 1>/dev/null
pubkey="$(cat github_deploy_key.pub)"
# add the PUBLIC key to the github repository as a deploy key with write access
curl https://api.github.com/repos/konnectors/$reponame/keys -H "Authorization: token $GITHUB_TOKEN" --data @- << EOF
{
"title": "travis deploy key",
"key": "$pubkey",
"read_only": false
}
EOF
# Synchronize Travis to get latest repo
travis sync --pro
# use travis to encrypt the private key as github_deploy_key.enc and remove the private key
travis encrypt-file github_deploy_key --pro --add --no-interactive -w /tmp/github_deploy_key -f
git add github_deploy_key.enc
# cleaning
rm github_deploy_key
rm github_deploy_key.pub