- Download script
travis-encrypt.sh
- Make it executable
chmod +x travis-encrypt.sh
- Run the script with
./travis-encrypt.sh -r username/repositoryname -e example
- It will return something like
O+woVD9K+PeFrcyu5GCjKSFvfcSPwDW0kyDYEQnNbwt/iSkqjpl2OPA9W//KEKEB9UUSZD+XmQ3Ij0gnvJnOowcWY5sSeJlVEVTrSer0kW6uWpa/uWzDHCBz2YhBnI6u9SfYfMkhDl22pcaCEwaUkmK2gjcVo+v0bS8vAQFz0Na5/WiKj0GkSX50iIGgfaXheuC8KgIC25T0h+czpap7vb13OlblMnClfyTH9+TmAwTlcV7ljXpv1QY+K72L8jK1/CQVZ8quBYrBwwxO2V6cpXRMMCIw4m4lqxUyN4FBGnq7cJ7BWLzeqSMpFBoP+ZxAqS5yem8KLh1VkEo7PVjCkZE6M+2meFf2VJEVUs/KJY9xnH3eDzipWkwXon2qVpCkT7FDEzGFs/DapYsSo7eCO6pUYYhcpaYpWeYV9DSSV0QcrOeZp664iJMHWPSmrs/lESbbHpKWsM/AFVB9X75q/OB+QU0tQxpReZmKw3ZHbDVMlmlwhP8VSiQ05LV2W6gYzADGiUiL6n1X8teeHEVDSZnD7nrxMD/FchnWI5La3tZeFovRMf6hH3NItW+QZaGaGNftJrP488J/F2hCycPJk3+YrxbBCGHE2X379QbkMz3S0B5UiAcJKmwuTstF6X3CCurZVYIkUGGXhnmalPtVpEqxeTiLw5RU6C9z2qSwhhw=
- It will return something like
- Use the encrypted secret in your
.travis.yml
according to https://docs.travis-ci.com/user/encryption-keys/#Usage
-
-
Save trevor-vaughan/5168693fc2a6ecca7355465343091580 to your computer and use it in GitHub Desktop.
This bash script can be used to encrypt secrets for a Travis CI configuration (`.travis.yml`) with the project specific public key.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
usage() { echo -e "Travis Encrypt Script\nUsage:\t$0 \n -r\t<username/repository> \n -e\t<string which should be encrypted>" 1>&2; exit 1; } | |
while getopts ":r:e:" param; do | |
case "${param}" in | |
r) | |
r=${OPTARG} | |
;; | |
e) | |
e=${OPTARG} | |
;; | |
*) | |
usage | |
;; | |
esac | |
done | |
shift $((OPTIND -1)) | |
if [ -z "${r}" ] || [[ !(${r} =~ [[:alnum:]]/[[:alnum:]]) ]] || [ -z "${e}" ]; then | |
usage | |
fi | |
key_match="\"key\":\"([^\"]+)\"" | |
key_url="https://api.travis-ci.org/repos/${r}/key" | |
request_result=$(curl --silent $key_url) | |
if [[ !($request_result =~ $key_match) ]]; then | |
echo "Couldn't retrieve key from ${key_url}. " | |
usage | |
fi | |
echo -n "${e}" | openssl rsautl -encrypt -pubin -inkey <(echo -e "${BASH_REMATCH[1]}") | openssl base64 -A | |
echo |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment