From ec21b3b7a8b951dfb8fb1445fadfb8d754e49045 Mon Sep 17 00:00:00 2001
From: Robin Kara <robin@kara.nu>
Date: Mon, 4 Apr 2022 10:21:50 +0200
Subject: [PATCH] documentation upload: use masked variable to export base64
 encoded secret key to docker env

---
 .gitlab-ci.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 153cb7d..e36c8f1 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -27,10 +27,23 @@ test:
 create_docs:
   stage: create_docs
   needs: [test]
+  variables:
+    docs_upload_host: hosted-024-173.rz.uni-augsburg.de
+    docs_path_component: icartt
   script:
     - poetry install
     - cd docs
     - poetry run sphinx-build -b html . ../public
+    # Following lines are ssh-agent setup and key injection, to allow upload of docs
+    - 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )'
+    - 'command -v rsync >/dev/null || ( apt-get update -y && apt-get install --no-install-recommends rsync -y )'
+    - eval $(ssh-agent -s)
+    # Encode with cat <key> | base64 -w0, then configure variable as admin in Gitlab Web UI
+    # Use the mbees.docs.user state via pillar to create users and ssh config on our docs web server
+    - echo "$docs_ssh_key" | tr -d ' ' | base64 --decode | ssh-add -
+    - mkdir -p ~/.ssh && chmod 700 ~/.ssh
+    - ssh-keyscan ${docs_upload_host} > ~/.ssh/known_hosts
+    - rsync -ax ../public/ ${CI_PROJECT_NAME}-docs@${docs_upload_host}:/srv/docs/${docs_path_component}/public/$(poetry version -s)/
   artifacts:
     paths:
       - public
-- 
GitLab