diff options
author | philwhineray <phil.whineray@gmail.com> | 2016-12-16 09:34:47 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-12-16 09:34:47 +0000 |
commit | bd7add0a8ccbc9d3c24fb7c9dd65e872d3beccb2 (patch) | |
tree | d99645fb17e1c0a73caa1e88ed28e6a95b1b9379 | |
parent | f4827e695a2a67b3c37e316a61e28705f6972dd0 (diff) | |
parent | 00a0f2c07ed546ee20a07da043c7b058377fb6f2 (diff) |
Merge pull request #1388 from philwhineray/master
Fix pull requests from external repositories
-rw-r--r-- | .travis.yml | 11 | ||||
-rwxr-xr-x | .travis/decrypt-if-have-key | 35 | ||||
-rwxr-xr-x | .travis/deploy-if-have-key | 44 |
3 files changed, 81 insertions, 9 deletions
diff --git a/.travis.yml b/.travis.yml index f88f206e0b..465a8f2173 100644 --- a/.travis.yml +++ b/.travis.yml @@ -17,14 +17,7 @@ addons: # # Setup environment before_install: - # Decrypt our private files for CI use only - - openssl aes-256-cbc -K $encrypted_decb6f6387c4_key -iv $encrypted_decb6f6387c4_iv -in .travis/travis_rsa.enc -out .travis/travis_rsa -d - - eval "$(ssh-agent -s)" # start the ssh agent - - chmod 600 .travis/travis_rsa # add our key - - ssh-add .travis/travis_rsa # add our key - - rm -f .travis/travis_rsa # remove to prevent leaks - # WARNING: Any changes to the above 5 lines should be monitored closely - - ssh-keyscan -H firehol.org >> ~/.ssh/known_hosts + - ./.travis/decrypt-if-have-key decb6f6387c4 # # Run before_script: @@ -42,7 +35,7 @@ script: # Deploy as required after_success: - for i in *.tar.*; do md5sum -b $i > $i.md5; sha512sum -b $i > $i.sha; done - - "case \"$TRAVIS_BRANCH\" in master|stable-*) if [ $TRAVIS_PULL_REQUEST = false -a \"$TRAVIS_TAG\" = \"\" -a \"$CC\" = \"gcc\" ]; then ssh travis@firehol.org mkdir -p uploads/netdata/$TRAVIS_BRANCH/ && scp -p *.tar.* travis@firehol.org:uploads/netdata/$TRAVIS_BRANCH/ && ssh travis@firehol.org touch uploads/netdata/$TRAVIS_BRANCH/complete.txt; fi;; esac" + - ./.travis/deploy-if-have-key deploy: # Upload results to GitHub (tag only) - provider: releases diff --git a/.travis/decrypt-if-have-key b/.travis/decrypt-if-have-key new file mode 100755 index 0000000000..b585d12c1e --- /dev/null +++ b/.travis/decrypt-if-have-key @@ -0,0 +1,35 @@ +#!/bin/bash + +set -e + +# Decrypt our private files; changes to this file should be inspected +# closely to ensure they do not create information leaks + +eval key="\${encrypted_${1}_key}" +eval iv="\${encrypted_${1}_iv}" + +if [ ! "$key" ] +then + echo "No aes key present - skipping decryption" + exit 0 +fi + +for i in .travis/*.enc +do + u=$(echo $i | sed -e 's/.enc$//') + openssl aes-256-cbc -K "$key" -iv "$iv" -in $i -out $u -d +done + +if [ -f .travis/travis_rsa ] +then + echo "ssh key present - loading agent" + eval "$(ssh-agent -s)" + + # add key, then remove to prevent leaks + chmod 600 .travis/travis_rsa + ssh-add .travis/travis_rsa + rm -f .travis/travis_rsa + touch .travis/travis_rsa.ready +else + echo "No ssh key present - skipping agent start" +fi diff --git a/.travis/deploy-if-have-key b/.travis/deploy-if-have-key new file mode 100755 index 0000000000..6c40e25705 --- /dev/null +++ b/.travis/deploy-if-have-key @@ -0,0 +1,44 @@ +#!/bin/bash + +set -e + +# Deploy tar-files and checksums to the firehol website + +if [ ! -f .travis/travis_rsa.ready ] +then + echo "No ssh key decrypted - skipping deployment to website" + exit 0 +fi + +case "$TRAVIS_BRANCH" in + master|stable-*) + : + ;; + *) + echo "Not on master or stable-* branch - skipping deployment to website" + exit 0 + ;; +esac + +if [ "$TRAVIS_PULL_REQUEST" = "true" ] +then + echo "Building pull request - skipping deployment to website" + exit 0 +fi + +if [ "$TRAVIS_TAG" != "" ] +then + echo "Building tag - skipping deployment to website" + exit 0 +fi + +if [ "$CC" != "gcc" ] +then + echo "Building non-gcc version - skipping deployment to website" + exit 0 +fi + +ssh-keyscan -H firehol.org >> ~/.ssh/known_hosts +ssh travis@firehol.org mkdir -p uploads/netdata/$TRAVIS_BRANCH/ +scp -p *.tar.* travis@firehol.org:uploads/netdata/$TRAVIS_BRANCH/ +ssh travis@firehol.org touch uploads/netdata/$TRAVIS_BRANCH/complete.txt |