Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document updating the GitHub deployment keys #8790

Merged
merged 2 commits into from
Jan 6, 2023
Merged

Document updating the GitHub deployment keys #8790

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
9b8c363
Document updating the GitHub deployment keys
earlephilhower Jan 6, 2023
5501963
Merge branch 'master' into dx
earlephilhower Jan 6, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
35 changes: 35 additions & 0 deletions package/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -202,3 +202,38 @@ The following points assume work in a direct clone of the repository, and not in
* In main README.md go to "Latest release" section, change version number in the readthedocs link to the version which was just released, and verify that all links work.
--------------COPY ABOVE THIS LINE--------------
```

## Updating a SSH deploy key

A SSH private/public key pair is required to update the master JSON (the final step of the release process). Sometimes GitHub will expire one side or the other of that key, and a new one will need to be regenerated and installed in the https://github.com/esp8266/esp8266.github.io (JSON) and https://github.com/esp8266/Arduino (core) repos.

1. Generate a new public/private SSH key pair:
````
$ ssh-keygen -t ed25519 -C earlephilhower@yahoo.com (**replace with your GH user account email**)
Generating public/private ed25519 key pair.
Enter file in which to save the key (/home/earle/.ssh/id_ed25519): deploy_key
Enter passphrase (empty for no passphrase): (**use no passphrase**)
Enter same passphrase again:
Your identification has been saved in deploy_key
Your public key has been saved in deploy_key.pub
The key fingerprint is:
...
````

2. Copy the contents of `deploy_key.pub` to the clipboard:
````
$ cat deploy_key.pub
ssh-ed25519 AAA..... earlephilhower@yahoo.com
````

3. Install the deploy key to GH.io. Go to https://github.com/esp8266/esp8266.github.io and the `Settings->Deploy Keys` and `Add deploy key`. Paste the (public key) string into the box and select `Allow writes` and hit OK.

4. Convert the `deploy_key` private key to a 1-line base64 representation and copy it to the clipboard.
````
$ base64 -w 0 < deploy_key && echo ""
yEvYm..... (**note this must be one single long line, hence the "-w 0"**)
````

5. Install the private key to the core repo. Go to https://github.com/esp8266/Arduino and select `Settings->Secrets->Actions` and add or update a `Repository secret` called `GHCI_DEPLOY_KEY`. Paste the 1-line base64 contents of your clipboard to the box and hit OK.

6. If the release failed in the `Update master JSON file` action, from the GH web interface run the `Actions->Release XXX->Re-run failed jobs` to re-run it and check its output.