Thanks Rob. We don't use Travis or Github and for now I'm the only one maintaining the module. We use Blackbox (https://github.com/StackExchange/blackbox) and hiera-eyaml-gpg (https://github.com/sihil/hiera-eyaml-gpg) to store shared secrets. If we get to doing this through our self-hosted Jenkins server then I'll probably look at providing the password to the job using the Credentials Plugin (https://cloudbees.zendesk.com/hc/en-us/articles/203802500-Injecting-Secrets-into-Jenkins-Build-Jobs).
Cheers. On Friday, 20 May 2016 21:08:14 UTC+10, Rob Nelson wrote: > > I love blacksmith, it's great. It does require the forge password be known > to the person running it, however. > > You can "level up" your deployments to allow others with write access to > your repo, but not the forge credentials, in a mature pipeline with Travis > CI's automated deployments <https://docs.travis-ci.com/user/deployment/>. > Details on puppetforge deploys > <https://github.com/travis-ci/dpl#puppet-forge>, and an example of a > working .travis.yml > <https://github.com/voxpupuli/puppet-archive/blob/master/.travis.yml#L43-L53> > (the secure string is generated by travis encrypt > <https://docs.travis-ci.com/user/encryption-keys/>). This allows any > contributor to create a tag (usually with the voxpupuli-release gem > <https://github.com/voxpupuli/voxpupuli-release-gem> and `rake > travis_release`, but also by creating a tag on GitHub). Travis kicks off a > build on the tag, and if the test specified in the deploy section goes > green, your module is published to the forge. That might be overkill for a > module maintained by one person, but it is pretty neat when you have a > distributed team and can't/don't want to share the forge password with > everyone. > > I'm sure you could get the same thing working with other services than > GitHub/Travis CI, those are just the pair I know. > > On Friday, May 20, 2016 at 3:48:16 AM UTC-4, garethr wrote: >> >> Hi Amos >> >> On 20 May 2016 at 05:51, Amos Shapira <[email protected]> wrote: >> > Hello, >> > >> > I didn't find a way to upload a module to the Forge using the Forge >> API. Is >> > this possible? >> > >> > I find it a bit weird that a tool which advocates "infrastructure as >> code" >> > doesn't cater for options to script module uploads. >> > >> >> It is indeed possible. Better that possible, there is even have a >> handy tool that provides a nice user interface for doing so. >> >> https://github.com/voxpupuli/puppet-blacksmith >> >> Blacksmith provides a number of useful commands for determining how >> you want to go about releasing your modules. The simplest is to just >> run: >> >> rake module:release >> >> The README has lots more details. >> >> Gareth >> >> >> > Am I missing something? >> > >> > Thanks. >> > >> > -- >> > You received this message because you are subscribed to the Google >> Groups >> > "Puppet Users" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> an >> > email to [email protected]. >> > To view this discussion on the web visit >> > >> https://groups.google.com/d/msgid/puppet-users/8cbb7e19-dbf8-4f06-9a52-76ebb5c24287%40googlegroups.com. >> >> >> > For more options, visit https://groups.google.com/d/optout. >> >> >> >> -- >> Gareth Rushgrove >> @garethr >> >> devopsweekly.com >> morethanseven.net >> garethrushgrove.com >> > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/8e1f7ffe-3131-4392-8642-304156c895e9%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
