Pure-bash script to encrypt values
for use in Travis-CI build scripts.
Requires curl, GNU sed and grep, and openssl rsautl command-line utilities.
(Plus git for "magical" autodetection of the correct user and repository from the remote.)
$ curl https://raw.githubusercontent.com/dlenski/travis-encrypt-sh/HEAD/travis-encrypt > ~/bin/travis-encrypt
$ chmod +x !$
$ travis-encrypt
usage: travis-encrypt [user] [repository] [value to encrypt]
e.g.: travis-encrypt 'P@ssw0rd' (only inside a git repo)
or travis-encrypt jsmith MyRepo 'VAR="s3cret"'
or travis-encrypt jsmith MyRepo 'P@ssw0rd'Let's encrypt a secret value for use in the .travis.yml of this GitHub repository:
$ ./travis-encrypt dlenski travis-encrypt-sh 's3cr3t-va1ue' > base64.txt
Fetching key from https://api.travis-ci.org/repos/dlenski/travis-encrypt-sh/key ...
Encrypting with openssl rsautl ...Now base64.txt contains a value that can be directly pasted into this repository's .travis.yml
(in order to convey a secret value to the Travis-CI build system without leaking it publicly in this
repository), as in:
deploy:
password:
secure: "contents of base64.txt go here"