Docs CI CD #1785
Docs CI CD #1785
Conversation
f1sh1918
requested review from
steffenkleinle,
ztefanie and
seluianova
as code owners
…ease, adjust workflow names to have same syntax.
| @@ -12,10 +12,10 @@ parameters: | |||
| default: "run_if_on_main" | |||
| type: enum | |||
| enum: ["run_if_on_main", "run", "skip"] | |||
| run_deliver_beta_backend_administration: | |||
| run_delivery_beta_backend_administration: | |||
There was a problem hiding this comment.
Previously all workflows were named consistently:
run_[verb]_[beta/prodcution]_[plattform]
Now you changed the ´deliver´ to delivery and it is the only workflow that has inconsistent naming. I suggest to undo this change
There was a problem hiding this comment.
not all workflows were named consistently.
There were deliver and delivery
For integreat we also use delivery, so i thought we may also use it here. I think run(verb) and delivery (noun) is also valid tbh
docs/cicd.md
Outdated
| | CREDENTIALS_KEYSTORE_PATH | Path to the OpenSSL AES256-CBC encrypted Java Keystore file | - | /home/circleci/credentials/<secret>.enc | Look for the `openssl enc` command in the Android Fastlane file for more information | | ||
| | KEYSTORE_PATH | Path to the decrypted Java Keystore file | - | /home/circleci/keystore.jks | - | | ||
| | CREDENTIALS_KEYSTORE_PASSWORD | Password for decrypting the keystore using OpenSSL | | password | - | | ||
| | KEYSTORE_KEY_ALIAS | Alias of the key within the Java Keystore | You should look in the JKS file using `keytool -list -v -keystore <jks>` | my-key | - | |
There was a problem hiding this comment.
this is specific per project and the env variables are called this:
KEYSTORE_KEY_ALIAS_BAYERN
KEYSTORE_KEY_ALIAS_NUERNBERG
KEYSTORE_KEY_ALIAS_KOBLENZ
KEYSTORE_KEY_PASSWORD_BAYERN
KEYSTORE_KEY_PASSWORD_NUERNBERG
'KEYSTORE_KEY_PASSWORD_KOBLENZ
There was a problem hiding this comment.
thx for the hint @ztefanie
Is there any documentation about the gpg encryption. I think i didn't do a manual release after you created a general jks file and encrypted it. Maybe you can add sth to the app-credentials repo or give me some input :)
There was a problem hiding this comment.
The password for this is in passbolt. The usage of this is simple with command line tools, e.g.
keytool -v -list -keystore /path/to/keystore for listing all keys in a jks, but you can also use UI tools like "keystore explorer", but they sometimes lack the support of multiple keys with different passwords. Check out this PR for discussion or my thoughts of restructung this: https://github.com/digitalfabrik/app-credentials/pull/1
The command (simply using the gpg comand line tool for this) for encrypting and decrypting can be can be found in the passbold note of these passwords or in the android/Fastfile: gpg --verbose --passphrase #{CREDENTIALS_KEYSTORE_PASSWORD} --pinentry-mode loopback -o ~/#{KEYSTORE_PATH} -d #{CREDENTIALS_KEYSTORE_PATH}"
Short description
I added some docs for ci/cd because we mostly finished that milestone.
I copied the structure from integreat and adjusted and added some parts.
Proposed changes
Side effects
@ztefanie and @steffenkleinle maybe you could double check variables and dependencies section. I probably forgot sth or did not adjust properly
I hope that helps you to trigger release and make troubleshooting