search

jodersky / sbt-gpg

Simple and secure artifact signing for sbt.
Other
50 stars 3 forks source link

Need key without passphrase protection #11

Closed seahrh closed 5 years ago

seahrh commented 5 years ago

I took awhile to get sbt publish to work on Travis after following the steps in this section https://github.com/jodersky/sbt-gpg#securely-publishing-in-travis-and-other-ci

What I didn't realise at the time is that my key is still passphrase protected. I was puzzled when the interactive passphrase prompt threw off my travis build. 

The solution is to not password-protect the CI signing key and instead encrypt it explicitly using openssl. To start with, ...

Probably it would be clearer if we emphasize the first step is to create a new key without passphrase protection.

If you like, I can do a PR on README to clarify the above.

djspiewak commented 5 years ago

I think it would be worth clarifying. To be clear though, you should be using a new key for Travis anyway (not your personal GPG key; never your personal GPG key), so when I wrote those instructions I was expecting people were generating things in the moment and would be caught by that sentence.

jodersky commented 5 years ago

Sounds good! Please open a PR if you have any clarifications you'd like to add

seahrh commented 5 years ago

OK, I need permission to push the branch.

$ git push --set-upstream origin i11
remote: Permission to jodersky/sbt-gpg.git denied to seahrh.
fatal: unable to access 'https://github.com/jodersky/sbt-gpg.git/': The requested URL returned error: 403
jodersky commented 5 years ago

Could you please create a pull request from your own fork of the repo? You don't need permission if you work on your own fork. See https://help.github.com/en/articles/creating-a-pull-request-from-a-fork for some more info on how to create PRs.

Otherwise, if you prefer, feel free to let me know of the changes you want to make, either via email (i.e. send me a patch) or comment here and I will apply them.

On Wed, Apr 24, 2019, 19:20 Ruhong notifications@github.com wrote:

OK, I need permission to push the branch.

$ git push --set-upstream origin i11 remote: Permission to jodersky/sbt-gpg.git denied to seahrh. fatal: unable to access 'https://github.com/jodersky/sbt-gpg.git/': The requested URL returned error: 403

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/jodersky/sbt-gpg/issues/11#issuecomment-486494834, or mute the thread https://github.com/notifications/unsubscribe-auth/AAHV3JDXAKOG52DRLFXCF2DPSEIO7ANCNFSM4HIBKLIA .

seahrh commented 5 years ago

Got it, let me create PR from my own fork

jodersky commented 5 years ago

Fixed in #12