Using Travis CI to build Jekyll site from master to gh-pages with deploy keys

1
votes

I'm working on our site whose GitHub repo is here. It's a no-plugin kind of site, but in order to schedule posts, I need a Cron running, and Travis-CI comes into picture here.

My goal is to simply copy content from master and give it off to gh-pages. I'm using the deployment keys approach to get Travis access to the GitHub repo.

When I push changes, Travis runs the build, but exits with a message, The command "bash deploy.sh" exited with 1.

Here's my Travis config:

language: ruby # don't install any environment
rvm:
  2.3.4

branches:
  only:
    master

before_script:
    chmod +x ./deploy.sh

script: bash ./deploy.sh

env:
  global:
  - ENCRYPTION_LABEL: "c68fb307f099"
  - COMMIT_AUTHOR_EMAIL: "[email protected]"

sudo: false # route your build to the container-based infrastructure for a faster build

And these are the contents of deploy.sh:

#!/bin/bash
set -e # Exit with nonzero exit code if anything fails

SOURCE_BRANCH="master"
TARGET_BRANCH="gh-pages"

function doCompile {
  bundle exec jekyll build
}

# Pull requests and commits to other branches shouldn't try to deploy, just build to verify
if [ "$TRAVIS_PULL_REQUEST" != "false" -o "$TRAVIS_BRANCH" != "$SOURCE_BRANCH" ]; then
    echo "Skipping deploy; just doing a build."
    doCompile
    exit 0
fi

# Save some useful information
REPO=`git config github.com/merakipost/merakipost.github.io`
SSH_REPO=${REPO/https:\/\/github.com\//[email protected]:}
SHA=`git rev-parse --verify HEAD`

# Clone the existing gh-pages for this repo into out/
# Create a new empty branch if gh-pages doesn't exist yet (should only happen on first deply)
git clone $REPO out
cd out
git checkout $TARGET_BRANCH || git checkout --orphan $TARGET_BRANCH
cd ..

# Clean out existing contents
rm -rf out/**/* || exit 0

# Run our compile script
doCompile

# Now let's go have some fun with the cloned repo
cd out
git config user.name "Travis CI"
git config user.email "$COMMIT_AUTHOR_EMAIL"

# If there are no changes to the compiled out (e.g. this is a README update) then just bail.
if git diff --quiet; then
    echo "No changes to the output on this push; exiting."
    exit 0
fi

# Commit the "changes", i.e. the new version.
# The delta will show diffs between new and old versions.
git add -A .
git commit -m "Deploy to GitHub Pages: ${SHA}"

# Get the deploy key by using Travis's stored variables to decrypt deploy_key.enc
ENCRYPTED_KEY_VAR="encrypted_${ENCRYPTION_LABEL}_key"
ENCRYPTED_IV_VAR="encrypted_${ENCRYPTION_LABEL}_iv"
ENCRYPTED_KEY=${!ENCRYPTED_KEY_VAR}
ENCRYPTED_IV=${!ENCRYPTED_IV_VAR}
openssl aes-256-cbc -K $ENCRYPTED_KEY -iv $ENCRYPTED_IV -in ../deploy_key.enc -out ../deploy_key -d
chmod 600 ../deploy_key
eval `ssh-agent -s`
ssh-add deploy_key

# Now that we're all set up, we can push.
git push $SSH_REPO $TARGET_BRANCH

Kindly point out the error in this, and help me out.

Thanks,
Ram

1
gitbashjekylltravis-ci

1 Answers

2
votes

You are running deploy.sh at the same level of your keys so the openssl command should look for its keys without going a level up in the directory tree:

openssl aes-256-cbc -K $ENCRYPTED_KEY -iv $ENCRYPTED_IV -in deploy_key.enc -out deploy_key -d

Also try to put some echo's in there so you can see what other thing is failing (or not).

I wrote an article about it here and using a very similar approach here (working).