Wednesday, November 9, 2016

Make Travis-CI publish your module to Puppet forge automatically

Typically you want to release your module to Puppetforge to match your git tags. Example:
git tag '0.1.0' -m 'Version 0.1.0'
To have Travis publish this tag as a new version on the Puppet forge, you can add a deploy step to .travis.yml
---
language: ruby
script:
  - 'bundle exec rake $CHECK'
matrix:
  fast_finish: true
  include:
  - rvm: 2.1.9
    env: PUPPET_VERSION="~> 3.0" STRICT_VARIABLES="yes" CHECK=test
  - rvm: 2.1.9
    env: PUPPET_VERSION="~> 4.0" CHECK=test
  - rvm: 2.3.1
    env: PUPPET_VERSION="~> 4.0" CHECK=rubocop
  - rvm: 2.3.1
    env: PUPPET_VERSION="~> 4.0" CHECK=test DEPLOY_TO_FORGE=yes
deploy:
  provider: puppetforge
  user: yuav
  password:
    secure: "ZjnryQvoKXpvL8mCF+4VSQDsE"
  on:
    tags: true
    # all_branches is required to use tags
    all_branches: true
    # Only publish the build marked with "DEPLOY_TO_FORGE"
    condition: "$DEPLOY_TO_FORGE = yes"
With the above configuration, Travis will trigger the deploy step if tag is pushed using the credentials supplied.   Naturally, you don't want your Puppet forge credentials in clear text in the .travis.yml. Fortunately, Travis supports encrypting variables:
gem install travis
travis encrypt secretpassword --add deploy.password
This will add/update the password.secure section in .travis.yml. This key will be valid for this modules git repo only For more information, see: https://docs.travis-ci.com/user/environment-variables/#Encrypting-environment-variables Now you're good to go! To release to the Forge just do the following:
git tag '0.1.0' -m 'Version 0.1.0'
git push origin master --tags
Wait for tests to pass, and Travis publish to Puppet forge!