Deploy to GitHub repositories in TravisCI Jobs
- Introduction
- Configuration
- Generate a private key
- Add the key to the GitHub deploy keys
- Add the decryption password to TravisCI
- Add the encrypted key to your repository
- Configure the TravisCI job
- Credits
Introduction
By using GitHub deploy keys you can safely push to GitHub repositories, or read private GitHub repositories.
Configuration
Let’s assume that:
- your GitHub user name / organization name is
- your GitHub repository name is
- your are going to encrypt the private key with
Generate a private key
- Install OpenSSH on your system (or in a Virtual Machine, Docker container, WSL, …)
- Generate an RSA private key without a passphrase:
ssh-keygen -b 4096 -t rsa -N "" -C "Deploy key for /" -f github_deploy_key - Encrypt the private key
openssl aes-256-cbc -e -in github_deploy_key -pass 'pass:' -md sha256 -out github_deploy_key.enc
Add the key to the GitHub deploy keys
Go to https://github.com///settings/keys/new and enter this data:
- Title
a name of your choice - Key
paste the contents of thegithub_deploy_key.pubfile - Allow write access
check this if you will need to push to the repository
Add the decryption password to TravisCI
- Go to https://travis-ci.org///settings
- In the
Environment Variablessection, add a new variable with:- Name
DEPLOYKEY_PASSWORD - Value
</code>
- Name
Add the encrypted key to your repository
Add the github_deploy_key.enc file file to your repository.
By default, you can save it as .travis/github_deploy_key.enc
Configure the TravisCI job
- If you didn’t save the encrypted key as
.travis/github_deploy_key.enc, define an environment variable namedDEPLOYKEY_FILEwhose value is the relative path to the encrypted key - Invoke the following code to load the key so that GIT has (write) access to the repository:
wget -q -O - https://raw.githubusercontent.com/mlocati/travisci-github-deploy-key/master/load-deploy-key.sh | sh
Credits
From a great idea by @B3rn475.