Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
792 views
in Technique[技术] by (71.8m points)

git - How to publish to Github Pages from Travis CI?

We are compiling Doxygen docs on the travis-ci server and want to push them onto our gh-pages branch.

How do I handle the authorization for git push? Does someone have an example for using encrypted variables in travis-ci? Should I go for https authorization or for an SSH key?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Step-by-step example with HTTPS API Token in environment variable

Others have mentioned it, but here goes a more detailed procedure.

  1. Create a separate repository for the website (optional). This will reduce the likelihood that you overwrite your main repository, and will keep output files from polluting it.

  2. Get a Personal Access Token under https://github.com/settings/tokens

    Only enable "public_repo" access for public repositories, "repo" for private.

    Save the token somewhere as you can only see it once.

  3. On the Travis settings for the repository https://travis-ci.org/<me>/<myrepo>/settings create an environment variable:

    GITHUB_API_KEY=<token>
    

    and make sure to mark "Display value in build log" as "Off".

    This is safe because only authorized pushes by you see such environment variables, so if a malicious user tries to make a pull request to get your string, the variable won't be there.

    Just make sure that you never, ever list your environment variables on your build!

  4. Add the following to your .travis.yml:

    after_success: |
      if [ -n "$GITHUB_API_KEY" ]; then
        cd "$TRAVIS_BUILD_DIR"
        # This generates a `web` directory containing the website.
        make web
        cd web
        git init
        git checkout -b gh-pages
        git add .
        git -c user.name='travis' -c user.email='travis' commit -m init
        # Make sure to make the output quiet, or else the API token will leak!
        # This works because the API key can replace your password.
        git push -f -q https://<me>:[email protected]/<me>/<myrepo>-gh-pages gh-pages &>/dev/null
        cd "$TRAVIS_BUILD_DIR"
      fi
    

Alternative travis encrypt method

Explained in detail at: https://stackoverflow.com/a/33109519/895245

Encrypt the string GITHUB_API_KEY=<key> with the travis gem, and add it to your .travis.yml:

env:
  secure: <encrypted>

This has the advantage that it does not require using the Travis web interface, but does require using a Gem and some more copy pasting.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...