I have created a TravisCI Hook in a GitHub repository that automatically run a build after pushing to the repo. What I would like to add is that if the build succeeds a tag is automatically created.
I have found out that there is a way to create tags with the GitHub API http://developer.github.com/v3/git/tags/#create-a-tag-object
But how do I control access to my repository? I can't expose my login github credentials in the travis.yml because everyone can read it as it is cointained in the repository.\
I am pretty new to automated deployment so if there is any other solution to do this without travis please let me also know. What I would like to achieve is that a downloadable version is created for the users after a successful build.
Ok I have finally found the correct travis.yaml Configuration.
How does it work: After pushing to the repository, travis will run the tests of my application. If the tests are successful travis will build a precompiled version of the current build and upload it to a special release which I have created on the GitHub Repo.
language: scala
env:
global:
- PLAY_VERSION=2.2.1
- secure: "HD1x0S9ad/3+G9YUkyT/uTw9lEr+tUQEV4QO+M2Ro1JFSVOzLNZiNoh6FrNb06a0TbencTkftyHYmYjp1/CCyTpF9CMCQ4ddB7TVF9hibH1y9ONVrPJIm5BCEpjGDa4fND8bkcChrpcZDQKIO0ZwArEsl2+IRocnbBT+oYqIFNo="
before_script:
- wget http://downloads.typesafe.com/play/${PLAY_VERSION}/play-${PLAY_VERSION}.zip
- unzip -q play-${PLAY_VERSION}.zip
- sudo apt-get install jq
script: play-${PLAY_VERSION}/play test
notifications:
email: false
after_success:
- play-${PLAY_VERSION}/play dist
- cd target/universal/
- 'ASSETID=$(curl -s -H "Authorization: token ${BUILD_KEY}" "https://api.github.com/repos/meisign/fillable/releases/204198/assets" | jq ".[0].id")'
- 'curl -XDELETE -s -H "Authorization: token ${BUILD_KEY}" "https://api.github.com/repos/meisign/fillable/releases/assets/$ASSETID"'
- 'curl -XPOST -s -H "Authorization: token ${BUILD_KEY}" -H "Content-Type: application/zip" --data-binary @./Fillable-1.0-SNAPSHOT.zip "https://uploads.github.com/repos/meisign/fillable/releases/204198/assets?name=Fillable.zip"'
You can create a GitHub Personal API Token that will grant access to your repositories. The public_repo
scope should be all you need for a public repository.
Use this token for authenticating to the GitHub API. To use the token with the API include it in the Authorization header.
curl -H "Authorization: token <YOUR_TOKEN>" https://api.github.com/user
You can also use this token to push to your repository.
git push -q https://<token>@github.com/<user>/<repo>
Now for the fun part, you need to keep that token a secret. Having it public is equivalent to having your username and password public.
You need to be sure to read through the documentation referenced and keep an eye on your Travis-CI logs. The commands run in bash, and depending how you write it or if there are any errors you could accidentally reveal your token.
To keep that token a secret Travis-CI has a system for generating public and private keys. The encryption keys are specific to your repository.
The link has all of the relevant documentation; you need to install the Travis command line interface tool, it is available as a Ruby Gem.
gem install travis
To encrypt a variable (such as your personal token) -
travis encrypt SOMEVAR=secretvalue --add
Travis assumes that the command is being run in the project directory and will provide the unique Public key to encrypt your data, based on your repository. The --add
flag will automatically place the secured data in your .travis.yml
file.
That's how you keep it a secret. The implementation of creating tags with Git or the GitHub API is up to you. Please share once you figure it out.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With