Skip to content
This repository has been archived by the owner on Sep 14, 2019. It is now read-only.

PEM format doesn't play nicely with now.sh secrets/env vars #17

Closed
rtsao opened this issue Oct 25, 2017 · 11 comments
Closed

PEM format doesn't play nicely with now.sh secrets/env vars #17

rtsao opened this issue Oct 25, 2017 · 11 comments
Labels
📄 Documentation Feedback related to improvements to Probot's documentation wontfix

Comments

@rtsao
Copy link

rtsao commented Oct 25, 2017

Currently, there's an ugly workaround required to provide the private key on CI deployments to now.sh.

The root cause is vercel/vercel#749, but I wonder if it would be worthwhile for probot to accept a base64 encoded private key via a PRIVATE_KEY_BASE64 env variable, so decoding it manually is not required.

This is arguably feature bloat, but would definitely reduce the friction of a common use case.

@bkeepers
Copy link
Contributor

With Heroku, you're able to set the key by surrounding it in quotes. Does something like this not work on Now?

$ heroku config:set PRIVATE_KEY="$(cat private-key.pem)"

There's also code already that will replace literal \n with newline, so you could put your private key all on one line with literal \n characters.

https://github.com/probot/probot/blob/master/lib/private-key.js#L18-L20

@rtsao
Copy link
Author

rtsao commented Oct 25, 2017

Unfortunately not. Both of the following don't work correctly:

now -e PRIVATE_KEY="$(cat private-key.pem)"
now secret add private-key "$(cat private-key.pem)"
now -e PRIVATE_KEY=@private-key

Like I said, the root problem is with now.sh, but it's definitely a source of friction in any case.

@hakusaro
Copy link

hakusaro commented Dec 8, 2017

I know that jumping in with "me too!" responses is not tactful and all, but I think that if nothing is going to be done to fix this, the documentation for deploying with now needs to be changed to reflect a workaround or removed entirely. Not a great first experience with probot with continually crashing into private key problems for an issue in an issue in an issue.

Specifically:

@JasonEtco
Copy link
Member

@hakusaro sorry that this is still happening 🙁 When you first came to it, did you see the deployment docs? If you did and those are wrong, good to know and we should update them. If you did not see those, then maybe we need to surface the docs a little bit better.

Did you see this issue? If this actually works (I haven't tried it myself) we should add that to the deployment docs.

documentation for deploying with now needs to be changed to reflect a workaround or removed entirely.

100% agreed. You're welcome to make a PR, or we'll hopefully get a chance to do it soon!

@hakusaro
Copy link

hakusaro commented Dec 8, 2017

@JasonEtco I didn't see that issue. The solution I went with was adding \n to each line and the concatenating the entire private key onto one line. I'd love to pull request that (and probably will) but I have no idea how to do that with pure unix tools (boo).

@stale
Copy link

stale bot commented May 19, 2018

Is this still causing friction? If so, please comment with any updates or addition details.

@stale stale bot added the wontfix label May 19, 2018
@hakusaro
Copy link

Is this still causing friction? If so, please comment with any updates or addition details.

I'm guessing it is given #25 but I'm not sure, personally.

@stale stale bot removed the wontfix label May 19, 2018
@platan
Copy link

platan commented Jun 1, 2018

A workaround was documented few days ago https://github.com/probot/probot/blob/master/docs/deployment.md#now thanks to probot/probot#548 But it's not available at https://probot.github.io/docs/deployment/#now

GitHub
probot - 🤖 A framework for building GitHub Apps to automate and improve your workflow
Probot
GitHub Apps to automate and improve your workflow

@stale
Copy link

stale bot commented Jul 31, 2018

Is this still causing friction? If so, please comment with any updates or addition details.

@stale stale bot added the wontfix label Jul 31, 2018
@stale stale bot closed this as completed Aug 7, 2018
@rtsao
Copy link
Author

rtsao commented Aug 20, 2018

There's now a built-in solution for this: probot/probot#624

@hleumas
Copy link

hleumas commented May 28, 2019

This should also work:
vercel/vercel#749 (comment)

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
📄 Documentation Feedback related to improvements to Probot's documentation wontfix
Projects
None yet
Development

Successfully merging a pull request may close this issue.

7 participants