Daniel P. Shannon phyllisstein
kzap
/ gist:5819745
Last active
July 14, 2024 16:13
If you want to give only Travis-CI access to a private key or secret file in your repository, you will need to encrypt it, but rather than storing the entire encrypted file in an environment variable, just store the a secret password in a secure environment variable that you will use to encrypt and decrypt your private key file. The encryption o…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # generate your private key, put the public key on the server you will be connecting to | |
| ssh-keygen -t rsa -f ./my_key | |
| # generate the password/secret you will store encrypted in the .travis.yml and use to encrypt your private key | |
| cat /dev/urandom | head -c 10000 | openssl sha1 > ./secret | |
| # encrypt your private key using your secret password | |
| openssl aes-256-cbc -pass "file:./secret" -in ./my_key -out ./my_key.enc -a | |
| # download your Travis-CI public key via the API. eg: https://api.travis-ci.org/repos/travis-ci/travis-ci/key |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This script comes from Pry Everywhere by Luca Pette | |
| # http://lucapette.com/pry/pry-everywhere/ | |
| # https://github.com/carlhuda/bundler/issues/183#issuecomment-1149953 | |
| if defined?(::Bundler) | |
| global_gemset = ENV['GEM_PATH'].split(':').grep(/ruby.*@global/).first | |
| if global_gemset | |
| all_global_gem_paths = Dir.glob("#{global_gemset}/gems/*") | |
| all_global_gem_paths.each do |p| | |
| gem_path = "#{p}/lib" |
NewerOlder