Conversation
|
Using a modern ed25519 key makes it fun! |
aaemnnosttv
left a comment
aaemnnosttv
left a comment
There was a problem hiding this comment.
Thanks for the PR @szepeviktor
I like your idea, but as I recall, Travis has a limit on the length of a secret that can be stored in settings. I don't have the source for that off-hand, but it may have been that I didn't think to encode the key like you're saying to preserve the new lines. If that's all it takes then I like the idea of removing the encrypted file from the repo.
With that said, I'm hesitant to make changes to the repo here when it's otherwise working just fine 😄
A few comments for you on your suggested changes below.
| - $HOME/.composer/cache | ||
| - repos/wordpress | ||
|
|
||
| before_install: |
There was a problem hiding this comment.
Why change this to before_install? The install step only runs Composer, which does not require SSH (only the script does). The key is actually really only needed for the deploy step but I seem to recall the git clone would fail without it using ssh for the remote.
There was a problem hiding this comment.
install does the installation of Composer packages which are actually part of this software.
before_install does the prerequisites for running CI.
I hope that is clear :)
.travis.yml
Outdated
| - echo -n "${base64_4950820e8b20_key}" | base64 --decode >.travis/key | ||
| - chmod 600 .travis/key | ||
| - ssh-add .travis/key |
There was a problem hiding this comment.
If extracting the key to a secret (which seems to be what you're suggesting here), then the encrypted key in the repo is no longer needed either since ssh-add can read from STDIN (see this answer).
Good point! An ed25519 key is very short. Please try generating one. |
.travis.yml
Outdated
|
|
||
| before_install: | ||
| - eval "$(ssh-agent -s)" | ||
| - echo -n "${base64_4950820e8b20_key}" | ssh-add - |
There was a problem hiding this comment.
This would still need to be base64 decoded before adding, would it not?
2 participants
Simply store the SSH private key base64-encoded
base64_4950820e8b20_key