smallsolar
/
kiwix-build
mirror of https://github.com/kiwix/kiwix-build.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Do not try to decrypt the ssh_key if we cannot. 

If we are building a PR comming from a fork, the secret key will not
be available and we cannot decrypt the ssh key.

And if the ssh key cannot be decrypted, we should not try to use it to
upload base dependencies.

`cron` and deployement are made only on "secured environment" so we don't
need to test for existance of the key because we are sure that we have
been able to decrypt it.
This commit is contained in:
Matthieu Gautier 2018-07-11 15:27:12 +02:00
parent f5fdc70e84
commit cd0d075def
2 changed files with 12 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.travis.yml
View File

@ -13,8 +13,9 @@ if: type != push OR tag IS present
before_install: before_install:
- PATH=$PATH:${HOME}/bin - PATH=$PATH:${HOME}/bin
- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then PATH=$PATH:$(brew --prefix)/opt/gettext/bin; fi - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then PATH=$PATH:$(brew --prefix)/opt/gettext/bin; fi
- openssl aes-256-cbc -K $encrypted_eba2f7543984_key -iv $encrypted_eba2f7543984_iv - '[ -n "$encrypted_eba2f7543984_iv" ] && openssl aes-256-cbc
-in travis/travisci_builder_id_key.enc -out travis/travisci_builder_id_key -d -K $encrypted_eba2f7543984_key -iv $encrypted_eba2f7543984_iv
-in travis/travisci_builder_id_key.enc -out travis/travisci_builder_id_key -d'
- chmod 600 travis/travisci_builder_id_key - chmod 600 travis/travisci_builder_id_key
before_cache: before_cache:
- rm -f $HOME/.gradle/caches/modules-2/modules-2.lock - rm -f $HOME/.gradle/caches/modules-2/modules-2.lock

16
travis/compile_all.py
View File

@ -32,7 +32,10 @@ NIGHTLY_ZIM_ARCHIVES_DIR = HOME/'NIGHTLY_ZIM_ARCHIVES'/NIGHTLY_DATE
RELEASE_ZIM_ARCHIVES_DIR = HOME/'RELEASE_ZIM_ARCHIVES' RELEASE_ZIM_ARCHIVES_DIR = HOME/'RELEASE_ZIM_ARCHIVES'
DIST_KIWIX_ARCHIVES_DIR = HOME/'DIST_KIWIX_ARCHIVES' DIST_KIWIX_ARCHIVES_DIR = HOME/'DIST_KIWIX_ARCHIVES'
DIST_ZIM_ARCHIVES_DIR = HOME/'DIST_ZIM_ARCHIVES' DIST_ZIM_ARCHIVES_DIR = HOME/'DIST_ZIM_ARCHIVES'
SSH_KEY = environ.get('TRAVISCI_SSH_KEY', Path(environ['TRAVIS_BUILD_DIR'])/'travis'/'travisci_builder_id_key') if 'TRAVISCI_SSH_KEY' in environ:
SSH_KEY = Path(environ['TRAVISCI_SSH_KEY'])
else:
SSH_KEY = Path(environ['TRAVIS_BUILD_DIR'])/'travis'/'travisci_builder_id_key'
# We have build everything. Now create archives for public deployement. # We have build everything. Now create archives for public deployement.
BINARIES = { BINARIES = {
@ -225,12 +228,11 @@ try:
except URLError: except URLError:
print_message("Cannot get archive. Build dependencies") print_message("Cannot get archive. Build dependencies")
run_kiwix_build('alldependencies', platform=PLATFORM) run_kiwix_build('alldependencies', platform=PLATFORM)
archive = make_deps_archive('alldependencies', full=True) if SSH_KEY.exists():
destination = 'nightlybot@download.kiwix.org:/var/www/tmp.kiwix.org/ci/{}' archive = make_deps_archive('alldependencies', full=True)
destination = destination.format(base_dep_archive_name) destination = 'nightlybot@download.kiwix.org:/var/www/tmp.kiwix.org/ci/{}'
scp(archive, destination) destination = destination.format(base_dep_archive_name)
scp(archive, destination)
# A basic compilation to be sure everything is working (for a PR) # A basic compilation to be sure everything is working (for a PR)