Build and deploy from Travis

[samuele-mattiuzzo]

Follow up from this discussion: #164

An idea would be to have Travis build the reference site and, using ENV variables, scp the built folder in our live server.

This also implies that our stand-alone, orphan script that deploys gets moved in this repo (where it does actually make more sense) and is added to Travis.

What needs investigated is: can we achieve this via env variables and a simple scp script? Currently we authorize our servers via ssh keys, so that might be a blocker for this task.

Otherwise, we could also evaluate Andy's referencebot https://referencebot.github.io/

[andylolz]

An idea would be to have Travis build the reference site and, using ENV variables, scp the built folder in our live server.

referencebot does this, except it uploads to surge.sh instead of an IATI server. Here’s the referencebot travis file.

What needs investigated is: can we achieve this via env variables and a simple scp script? Currently we authorize our servers via ssh keys, so that might be a blocker for this task.

Yes, you absolutely can. This person and this person manage it in roughly the same way, using scp or rsync. I suspect it might be possible to do in a cleaner way, but in any case it’s definitely not a blocker.

This also implies that our stand-alone, orphan script that deploys gets moved in this repo (where it does actually make more sense) and is added to Travis.

This is fine, but it’s not strictly necessary. referencebot manages without moving any scripts.

[andylolz]

Untested, but I think something roughly like this would do the trick:
https://gist.github.com/andylolz/9ec048ac8f364a48e76b3c3f78ba1699

So that’s a combination of:

• what’s there currently
• stuff that gets auto-added when you run the commands in this blog
• stuff that needs populating with the specifics of the IATI server (IP and path)
• a bit at the bottom that attempts to ensure only version branches get deployed

There’s a bit missing to do with setting the deploy path depending on the version (e.g. version-2.03 branch should deploy to /203/).

Anyway – very glad you are looking into this! Hopefully it’s not too much hassle to do.

[samuele-mattiuzzo]

Ah thanks for posting the blog link, that's the same one I have been reading, just forgot to post the link!

Yeah there's no reason for all of it to stay the way it is at the moment, as we're firing too many things away manually and it's not error prone (but we all knew that :P)

[andylolz]

I’ve tested this, and it works:
andylolz@f49d711

I tried pointing it at a server, and it definitely rsyncs the built site across to the correct version directory on the server. Here’s an example travis log.

Here are the commands to run for the setup:

$ # generate a new key
$ ssh-keygen -t rsa -b 4096 -C 'build@travis-ci.org' -f ./deploy_rsa
$
$ # encrypt the private key
$ travis encrypt-file deploy_rsa --add
$
$ # put the public key on the relevant server
$ ssh-copy-id -i deploy_rsa.pub <ssh-user>@<deploy-host>
$
$ # put the encrypted private key into git, as well as the updated travis file
$ git add .travis.yml deploy_rsa.enc && git commit -m 'Travis deployment stuff'
$
$ # discard all key parts, so there's no chance of accidentally committing them!
$ rm deploy_rsa.pub deploy_rsa