jens/flipper
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Reroll CircleCI secrets (#4433)

Browse Source 
Summary:
Rerolled the secrets used to publish to maven and the key to encrypt the additional gradle properties. Changing to pbkdf2-based key derivation, too, which should hopefully be supported by the CircleCI host.

Ref: https://circleci.com/blog/january-4-2023-security-alert/
Ref: T141744585

Pull Request resolved: https://github.com/facebook/flipper/pull/4433

Reviewed By: antonk52

Differential Revision: D42431128

Pulled By: passy

fbshipit-source-id: ec0ba2c7eecfd8cb206ccf2086604bf28dbea313
This commit is contained in:
Pascal Hartig
2023-01-10 06:14:43 -08:00
committed by Facebook GitHub Bot
parent f8161d67a0
commit 882b969931
2 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
scripts/gradle-publish-keys.enc
View File

Binary file not shown.

2
scripts/publish-android-snapshot.sh
View File

@@ -16,6 +16,6 @@ elif [ "$IS_SNAPSHOT" == "" ]; then
echo "Skipping build. Given build doesn't appear to be a SNAPSHOT release." echo "Skipping build. Given build doesn't appear to be a SNAPSHOT release."
exit 1 exit 1
else else
openssl aes-256-cbc -d -in scripts/gradle-publish-keys.enc -k "$ANDROID_PUBLISH_KEY" >> "$BASEDIR/gradle.properties" openssl aes-256-cbc -pbkdf2 -d -in scripts/gradle-publish-keys.enc -k "$ANDROID_PUBLISH_KEY" >> "$BASEDIR/gradle.properties"
"$BASEDIR"/gradlew publish "$BASEDIR"/gradlew publish
fi fi