Skip to content
Snippets Groups Projects
Commit 8dd00d39 authored by Jean-Paul Calderone's avatar Jean-Paul Calderone
Browse files

Remove group and other permissions from the deploy key

parent a816c534
Branches
Tags
No related merge requests found
......@@ -82,9 +82,17 @@ system-tests:
# Copy the deploy key from the environment to a file so we can actually
# tell ssh to use it.
- |
# The environment variable is configured with GitLab using Terraform so
# we can retain some bare minimum level of confidentiality.
# Make sure the deploy key file is not readable by anyone else. Not
# that there should be anyone else looking - but OpenSSH won't even read
# it if it looks like it is too open.
umask 077
# Make up a safe-ish place on the filesystem to write the key.
KEY_PATH="$(mktemp -d)/deploy_key"
# The environment variable holding the key is configured with GitLab
# using Terraform so we can retain some bare minimum level of
# confidentiality.
base64 --decode "${PRIVATESTORAGEIO_STAGING_SSH_DEPLOY_KEY}" > "${KEY_PATH}"
# Update the deployment
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment