882b969931
Summary: Rerolled the secrets used to publish to maven and the key to encrypt the additional gradle properties. Changing to pbkdf2-based key derivation, too, which should hopefully be supported by the CircleCI host. Ref: https://circleci.com/blog/january-4-2023-security-alert/ Ref: T141744585 Pull Request resolved: https://github.com/facebook/flipper/pull/4433 Reviewed By: antonk52 Differential Revision: D42431128 Pulled By: passy fbshipit-source-id: ec0ba2c7eecfd8cb206ccf2086604bf28dbea313
22 lines
762 B
Bash
Executable File
22 lines
762 B
Bash
Executable File
#!/usr/bin/env bash
|
|
# Copyright (c) Meta Platforms, Inc. and affiliates.
|
|
#
|
|
# This source code is licensed under the MIT license found in the
|
|
# LICENSE file in the root directory of this source tree.
|
|
|
|
set -e
|
|
|
|
BASEDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." && pwd )"
|
|
IS_SNAPSHOT="$(grep 'VERSION_NAME=[0-9\.]\+-SNAPSHOT' "$BASEDIR/gradle.properties" || echo "")"
|
|
|
|
if [ "$ANDROID_PUBLISH_KEY" == "" ]; then
|
|
echo "No encryption key. Skipping snapshot deployment."
|
|
exit
|
|
elif [ "$IS_SNAPSHOT" == "" ]; then
|
|
echo "Skipping build. Given build doesn't appear to be a SNAPSHOT release."
|
|
exit 1
|
|
else
|
|
openssl aes-256-cbc -pbkdf2 -d -in scripts/gradle-publish-keys.enc -k "$ANDROID_PUBLISH_KEY" >> "$BASEDIR/gradle.properties"
|
|
"$BASEDIR"/gradlew publish
|
|
fi
|