ci/keys.enc


Log

Author Commit Date CI Message
DRC 2d4b2f14 2016-10-20T17:55:55
Travis: Deploy to S3 rather than SourceForge

This has the following advantages:
-- It doesn't require checking a private SSH key into the repository. (With SourceForge, an SSH key is the "keys to the kingdom".)
-- If the S3 key is compromised, it is very easy to revoke it and generate a new one.
-- The S3 bucket is isolated, so even if it becomes compromised, then the damage that one could do is limited.
-- It's much easier to manage files through S3's web interface than through SourceForge.
-- The files are served via HTTPS.
-- Travis fully supports S3 as a deployment target, so this simplifies .travis.yml somewhat.

DRC 9366cf0b 2016-10-20T01:01:27
Travis: GPG sign Linux binaries/source tarballs

Since we're still deploying our Linux/macOS CI artifacts to a web server (specifically SourceForge Project Web Services) that doesn't support HTTPS, it's a good idea to sign them. But since the private key has to be checked into the repository, we use a different key for signing the pre-releases (per project policy, the private signing keys for our release binaries are never made available on any public server.)