Menu
I would like to use Travis CI for my open-source project. The issue that Travis doesn't provide any ways to publish produced artifacts (though, they have this in their future plans).
What are workarounds to publish/upload artifacts somewhere? I'm allowed to execute any scripts on a CI machine.
Simple upload will work, but there is security issue: anyone will be able to upload something in the same way as all sources are public.
428
Continuous Deployment to the following providers is supported: anynines. AWS CloudFormation. AWS CodeDeploy.
Configuration. Travis CI is configured by adding a file named . travis. yml , which is a YAML format text file, to the root directory of the repository.
GitHub releases step-by-step
The method was mentioned at https://stackoverflow.com/a/24100779/895245, and is poorly documented at: https://docs.travis-ci.com/user/deployment/releases/ , so here goes a more detailed step-by-step.
It uploads artifacts to GitHub releases https://github.com/<username>/<repo>/releases which exist for every Git tag you push.
Get a Personal Access Token under https://github.com/settings/tokens
Only enable "public_repo" access for public repositories, "repo" for private.
Save the token somewhere as you can only see it once.
Install the travis gem:
gem install travis # See: https://stackoverflow.com/a/33119804/895245 gem update --system Then cd into your repository and:
travis encrypt <api-token> but more recently people have reported that travis encrypt -r githubusername/repositoryname --org is needed instead, see: https://github.com/travis-ci/travis-ci/issues/8128
This will produce an output like:
secure: "<encrypted-token>" Note down the large encrypted token.
Use a .travis.yml as follows:
script: # This command generates a release.zip file. - make dist deploy: provider: releases api_key: secure: "<encrypted-token>" file: 'release.zip' skip_cleanup: true on: tags What happens is that Travis replaces every something: secure: <encrypted-string> with just something: <decrypted-string> as explained at: http://docs.travis-ci.com/user/encryption-keys/
This is safe because only authorized pushes by you can decrypt the string, so if a malicious user tries to make a pull request to get your string, it would should just show the encrypted string.
Now whenever you push a commit with a tag, Travis will upload release.zip to the release:
git commit -m 1.0 git tag -m 1.0 1.0 git push --tags If you had already pushed the commit and the tag after, you might have to click the "Restart build" button on the Travis UI for it to upload.
https://stackoverflow.com/a/38037626/895245 has some screenshots of the process.
Alternative method: environment variable
Instead of an encrypted string, we could also use a hidden environment variable.
On the Travis settings for the repository https://travis-ci.org/<me>/<myrepo>/settings create an environment variable:
GITHUB_API_KEY=<token> and make sure to mark "Display value in build log" as "Off", and use:
api_key: '$GITHUB_API_KEY' While this will not show on logs for pull requests, this method is riskier, as you could my mistake list the environment of a build.
The upside is that this method is simpler to understand.
A simple example of mine that uploads images generated from Gnuplot to GitHub releases:
Question about GitHub Pages deployment: How to publish to Github Pages from Travis CI?
198
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
