Reputation: 25
Travis build - Unable to retrieve secret key from key ring file as it does not exist
I currently use Travis CI for my open source project. All went well till I tried to upload an artifact to Maven Central staging repository once the travis build was successful.
Please find the steps i followed below:
- Added a initiate-publish.sh script file which will publish to Maven central after build is successful.
- Encrypted the following
- Encryption password to secure my secring file -> travis encrypt -r username/gitrepo ENCRYPT_PASSWORD="my password"
- secring.gpg file - openssl aes-256-cbc -in .utility/local.secring.gpg -out .utility/secring.gpg.enc -pass pass:"my password" -> This generated secring.gpg.enc which i added to my repository
- Modfied .travis.yml file with the following
- before_install: openssl aes-256-cbc -pass pass:$ENCRYPTION_PASSWORD -in .utility/secring.gpg.enc -out .utility/local.secring.gpg -d
I committed the files to Git which triggered a build. The after_success: exits with an error stating "Could not evaluate onlyIf predicate for task ':android-db-migration-library:signArchives'.
Unable to retrieve secret key from key ring file '/home/travis/build/PalomaMobile/android-db-migration/android-db-migration-library/.utility/local.secring.gpg' as it does not exist"
You can view the logs https://travis-ci.org/PalomaMobile/android-db-migration/builds/63114335
From what i understand, the "before install" will decrypt the file and store it and my release script can access it.
Could you please help me understand why this happens. You can view my .travis.yml file, release script file etc.. @ https://github.com/PalomaMobile/android-db-migration
Upvotes: 1
Views: 1111
Answers (1)
Reputation: 2538
I double-checked your build log and it seems that your signArchive task is expecting the secret key to be located in
/home/travis/build/PalomaMobile/android-db-migration/android-db-migration-library/.utility/generated.secring.gpg
but in fact it is located in
/home/travis/build/PalomaMobile/android-db-migration/.utility/generated.secring.gpg
So I would suggest using an absolute path to the key file instead of a relative one in your .utility/initiate-publish.sh file.
Hope this helps!
Upvotes: 1
Related Questions
- Travis encrypt vars not decoded properly gibberish=[secure]
- How to add SSH Key in Travis CI?
- How to encrypt auth key in github and integrate with Travis CI?
- Travis: gpg: signing failed: secret key not available
- Travis CI build fails because it can't find the secret key file stored in my local home directory. How to handle this?
- Store secrets in Travis, not in github repo
- Encrypting a file on Travis for a GitHub repo that was renamed
- How to encrypt your Travis keys
- Travis CI build failed in gradle task
- Error fetching public key while encrypting environment variable for Travis CI