Travis to the rescue
26 April 2013 in travis · view history
One thing I don’t like about Octopress it requires too much steps to write a single blog post. You have to:
- Create a new post
rake new_post['Malesuada Ornare Mollis'] - Write a content
- Generate static files
rake generate - Deploy the generated site
rake deploy
This is insane. 4 steps and terminal is required ? I just want to edit directly from the browser, and sometimes from Sublime.
So Travis CI crossed my mind. What if I just push changes to master and let CI generate and deploy for me. Would be nice. And there is also prose.io to make writing Markdown fancy.
I tried with my own and I couldn’t customize Travis for my needs. So I came across this post from Sergey Klimov. This saved my day. I would like to break things down here a bit. Several things are needed for this ritual to work.
Generating encrypted SSH key for Travis
In order to make this happen, Travis has to hold our GitHub deploy SSH key. The key is needed to be encrypted too. Travis already provides the travis encrypt from its gem. Luke Patterson came up with this gist to make this easier, allow me to paste a part of it here:
$ base64 --wrap=0 ~/.ssh/id_rsa > ~/.ssh/id_rsa_base64
$ ENCRYPTION_FILTER="echo \$(echo \"-\")\$(travis encrypt veewee-community/veewee-push \"\$FILE='\`cat $FILE\`'\" | grep secure:)"
$ split --bytes=100 --numeric-suffixes --suffix-length=2 --filter="$ENCRYPTION_FILTER" ~/.ssh/id_rsa_base64 id_rsa_Basically (I think) it would encode our id_rsa in base64, split each line of them and run travis encrypt .. --add, resulting in the encrypted strings are appended to the .travis.yml
Unfortunately this doesn’t work in my OSX somehow (due to the split command). So I just base64 my id_rsa, get that id_rsa_base64, open it, and do something like this.
$ travis encrypt id_rsa_00=LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpQcm9jLVR5cGU6IDQsRU5DUllQVEVE --add
$ travis encrypt id_rsa_01=CkRFSy1JbmZvOiBBRVMtMTI4LUNCQyxFNDQ2OTNEQkMzNjcxOERFNTc5QzQ4MTQyNUExQjg4 --add
$ travis encrypt id_rsa_02=OQoKMXhlbEljK2xlVGVNdlVrSUxNRE9LdCtsL1hQZy9VYy9zYXRrNGJUeWVPcnhLMnVmUysz --add
$ travis encrypt
...Hahaha I know this is horrible. Would have come up with more neat solution someday. For now I just paste those line in my terminal, then I have my encrypted key appended in .travis.yml.
One thing, the SSH must not have the passphrase, Travis won’t be able to enter it via the prompt.
Another thing to note is this encrypted key is for per-repo. You may to run those travis encrypt separately for each repository.
The .travis.yml itself
Sergey has provided his cool .travis.yml for this ritual in his post. I modified it a bit, here is what the file looks like:
---
language: ruby
rvm:
- 1.9.3
before_script:
- git remote set-url origin $REPO.git
- git config --global user.email "[email protected]"
- git config --global user.name "Phat Wangrungarun (via TravisCI)"
- echo -n $id_rsa_{00..32} >> ~/.ssh/id_rsa_base64
- base64 --decode --ignore-garbage ~/.ssh/id_rsa_base64 > ~/.ssh/id_rsa
- chmod 600 ~/.ssh/id_rsa
- echo -e "Host github.com\n\tStrictHostKeyChecking no\n" >> ~/.ssh/config
- rake setup_github_pages[$REPO]
script:
- bundle exec rake generate
- bundle exec rake deploy
env:
global:
- REPO="[email protected]:phatograph/blog"
- secure: ! 'Sge5rCthtw0QGTfqVGvkVMVP/4RQwwnjM0YYnxeTmImi4cwWQkXDXSuctkKz
FoGzyvzB75Zbu86Yf9yD5M+2QOdYru4DZdq/d17AEnwFnB+ETjxRcnSbzJaKThe rest of the file is the encrypted key from travis encrypt, just leave it alone.
What this does is it would decrypt the keys, assign them to $id_rsa_00, $id_rsa_01, $id_rsa_02 and so on, gather them together in ~/.ssh/id_rsa_base64. Then run a base64 --decode --ignore-garbage to make ~/.ssh/id_rsa. Now we have our ssh key for Travis to push to GitHub, really nice. The left is just set the path to push, generate, and deploy.
Job is done
So far it seems too complex to write a blog. But for me it’s fun to figure these things out (and it works). I have my blog, it’s under version control, it’s open source, even its own CI. Octopress and friends are cool for me for now. ;)