Travis-CI build deploy error

[johnanvik]

I have tried (with some updated instructions from Shawn) to set up the Travis-CI build to deploy to the production server. However, I get this error:

[johnanvik]

After some googling, it looks like the issue has to do with generating the keys on Windows. Regenerating the keys on Linux solved that issue, but there is a new one.

[johnanvik]

Shawn did some work on it and looks to have found the solution:

Hi Dr Anvik,

I created a copy of the repo on my github account, and used that to test a Travis instance. I finally was able to get it working after wrestling with an encryption issue (https://github.com/travis-ci/travis-ci/issues/4746 , the ssh key should be generated and encrypted on linux until this issue is sorted out). 

Here is my travis.yml file:  language: node_js

node_js:

• node

notifications: email: false slack: programwarscardgame:u1VhNgRjj1X8gxpEWhfLw6MP#builds

addons: code_climate: repo_token: 814d39d2092e7f3b870f9a455dad28295a4aa15e611472ecca5a6ae547a536f6 ssh_known_hosts:

• cullen.io

before_script:

• export DISPLAY=:99.0
• sh -e /etc/init.d/xvfb start

cache: directories:

• node_modules install:
  • npm install karma-firefox-launcher
  • npm install jasmine-core
  • npm install karma-chrome-launcher
  • npm install karma-jasmine

script:

• npm run test

after_success:

• npm install -g codeclimate-test-reporter --save-dev
• codeclimate-test-reporter < ./test/unit/coverage/lcov.info
• openssl aes-256-cbc -K $encrypted_89da6393486f_key -iv $encrypted_89da6393486f_iv -in deploykeyfinal.enc -out deploy_key2.pem -d
• eval "$(ssh-agent -s)" #start the ssh agent
• chmod 600 deploy_key2.pem # this key should have push access
• ssh-add deploy_key2.pem
• git remote add deploy ssh://git@cullen.io/var/repo/programwars.git
• git push deploy The main changes I made were to add ssh_known_hosts to addons: section, and I moved all of the deploy commands under the after_success: section, made sure the directory for the key was the same as the output from the openssl command, and added the add remote git command. 

These commands could be moved to a deploy script later, but they work as is. The good thing is we know it works.

[johnanvik]

Fixed with commit 166995316dd65dc91dc36e0f64f518324722f9a9.

Big thanks to Shawn!

[wscullen]

Glad I could help! It looks like there are just a couple typos in the yml script:

1. the indenting needs to be fixed after the openssl command (aligned left)
2. the git remote add command says git remove add
3. the ssh known hosts should be under the addons section (at the same level as code_climate)

Those fixes and deployment should be successful. I would recommend making a minor change to some text in the program after the yml is updated, to make sure deployment is working. Also if deployment is successful, you will see output at the bottom of the travis log (expanded under the git push deploy command) similar to this:

remote: Hash: 9c187b1558873951f439 remote: Version: webpack 2.2.1 remote: Time: 15568ms remote: Asset Size Chunks Chunk Names remote: static/js/vendor.830e5b3d387f99d81064.js 124 kB 0, 2 [emitted] vendor remote: static/js/app.75154bc5fcf2494df3a9.js 54.4 kB 1, 2 [emitted] app remote: static/js/manifest.28b82fde97df9f056d34.js 1.44 kB 2 [emitted] manifest remote: static/css/app.e86cc6504d0eb6d89d530bfee67fbb49.css 10.1 kB 1, 2 [emitted] app remote: static/css/app.e86cc6504d0eb6d89d530bfee67fbb49.css.map 16.4 kB 1, 2 [emitted] app remote: index.html 1.16 kB [emitted]
remote: remote: Build complete. remote: remote: Tip: built files are meant to be served over an HTTP server. remote: Opening index.html over file:// won't work. remote: To ssh://git@cullen.io/var/repo/programwars.git cb56838..eca1b5a master -> master

[johnanvik]

Typos now fixed, but script stalling on waiting for a password.

[wscullen]

Just missing adding the key after chmod 600 deploy_rsa.pem

ssh-add deploy_rsa.pem

edit: had the key name from my repo.

[johnanvik]

OK. I'll fix that.

John Anvik Mathematics & Computer Science University of Lethbridge Lethbridge, AB, Canada Office: C520 (University Hall) Phone: (403) 329-2382 Email: john.anvik@uleth.ca

---

From: sscullen notifications@github.com Sent: June 11, 2017 1:51 PM To: johnanvik/program-wars Cc: Anvik, John; State change Subject: Re: [johnanvik/program-wars] Travis-CI build deploy error (#85)

Just missing adding the key after chmod 600 deploy_rsa.pem

ssh-add deploy_key2.pem

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHubhttps://github.com/johnanvik/program-wars/issues/85#issuecomment-307652382, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AbbfwXXW466rMuiiqwC0iPia-lL8PmcIks5sDEU5gaJpZM4N2eU3.

[johnanvik]

Is asking for a passphrase?

[johnanvik]

Found this: https://stackoverflow.com/questions/41774464/travis-ci-ssh-add-asking-for-my-passphrase

but this doesn't look like a promising solution.

[johnanvik]

Reopened "dev-tools" branch to work on this.

[wscullen]

Yeah, the issue I was having was related to a bad decryption step, where a malformed key without a passphrase and the ssh agent would ask for a passphrase, its a pretty good indication that the decryption phase failed somehow.

Looking at the travis log (i have access to the build on Travis I guess because I am a contributor), the output of the openssl command is "iv undefined".

So we need to make sure the env variable names match in the command.

Env vars in travis:

encrypted_087f33004b68_iv

encrypted_087f33004b68_key

Command referencing env vars: $encrypted_89da6393486f_key -iv $encrypted_89da6393486f_iv

So we need to make sure those match, so change the command references to match the env vars stored in travis. I think that is what is happening.

[johnanvik]

I think I created the key with a passphrase. I have regenerated the key without a passphrase and sent Shawn an updated public key.

@sscullen: The build still has an error (https://travis-ci.org/johnanvik/program-wars/jobs/242127145), but I suspect this is because the pub key hasn't been deployed to the production server yet. Let me know when it is and I'll rerun the build.

[johnanvik]

I reran the build after Shawn added the pub key. It is still looking for a password. @sscullen can you see what is wrong?

[wscullen]

This was my mistake, the authorized_keys file was not formatted correctly, needed to make sure each key was on its own line. I fixed it, and restarted the Travis build, and it worked! Last output was everything is up to date!

[johnanvik]

Hurray! Thanks for all the work with this. I know I felt like we were going in circles.

[wscullen]

You're very welcome, I was glad to help, as it gave me some experience with setting up and using Travis. I think this will come in handy in the future!