Comment on page
Basic TravisCI Information
TravisCI directly integrates with different git platforms such as Github, Bitbucket, Assembla, and Gitlab. It will ask the user to give TravisCI permissions to access the repos he wants to integrate with TravisCI.
For example, in Github it will ask for the following permissions:
repo: Grants read and write access to code, commit statuses, collaborators, and deployment statuses for public and private repositories and organizations.
In TravisCI, as in other CI platforms, it's possible to save at repo level secrets that will be saved encrypted and be decrypted and push in the environment variable of the machine executing the build.
It's possible to indicate the branches to which the secrets are going to be available (by default all) and also if TravisCI should hide its value if it appears in the logs (by default it will).
For each repo TravisCI generates an RSA keypair, keeps the private one, and makes the repository’s public key available to those who have access to the repository.
You can access the public key of one repo with:
travis pubkey -r <owner>/<repo_name>
travis pubkey -r carlospolop/t-ci-test
Then, you can use this setup to encrypt secrets and add them to your
.travis.yaml. The secrets will be decrypted when the build is run and accessible in the environment variables.
Note that the secrets encrypted this way won't appear listed in the environmental variables of the settings.
Same way as before, TravisCI also allows to encrypt files and then decrypt them during the build:
travis encrypt-file super_secret.txt -r carlospolop/t-ci-test
encrypting super_secret.txt for carlospolop/t-ci-test
storing result as super_secret.txt.enc
storing secure env variables for decryption
Please add the following to your build script (before_install stage in your .travis.yml, for instance):
openssl aes-256-cbc -K $encrypted_355e94ba1091_key -iv $encrypted_355e94ba1091_iv -in super_secret.txt.enc -out super_secret.txt -d
Pro Tip: You can add it automatically by running with --add.
Make sure to add super_secret.txt.enc to the git repository.
Make sure not to add super_secret.txt to the git repository.
Commit all changes to your .travis.yml.
Note that when encrypting a file 2 Env Variables will be configured inside the repo such as:
Travis CI Enterprise is an on-prem version of Travis CI, which you can deploy in your infrastructure. Think of the ‘server’ version of Travis CI. Using Travis CI allows you to enable an easy-to-use Continuous Integration/Continuous Deployment (CI/CD) system in an environment, which you can configure and secure as you want to.
Travis CI Enterprise consists of two major parts:
- 1.TCI services (or TCI Core Services), responsible for integration with version control systems, authorizing builds, scheduling build jobs, etc.
- 2.TCI Worker and build environment images (also called OS images).
TCI Core services require the following:
- 1.A PostgreSQL11 (or later) database.
- 2.An infrastructure to deploy a Kubernetes cluster; it can be deployed in a server cluster or in a single machine if required
TCI Worker requires the following:
- 1.An infrastructure where a docker image containing the Worker and a linked build image can be deployed.
The amount of deployed TCI Worker and build environment OS images will determine the total concurrent capacity of Travis CI Enterprise deployment in your infrastructure.