Travis CI

Integrate Onboardbase into TravisCI builds

📘

This section assumes you already used Onboardbase CLI in your project, check the installation and setup sections.

📘

TIP

You can authenticate the CLI with Environment variables.
Supported environment variables are:

  • ONBOARDBASE_TOKEN - A service token
  • ONBOARDBASE_PROJECT - an onboardbase project name
  • ONBOARDBASE_ENVIRONMENT - an environment in the specified project

It is easier to create an Onboardbase configuration file during development through the onboardbase setup command, which is not the case most time for automated CI/CD processes.

In this guide, we will illustrate how to pull all your managed Onboardbase secrets into your CI/CD pipelines that automatically authorize and set up with values from TravisCI Environment Configurations.

This section assumes you already used Onboardbase CLI in your project. Check the installation and setup sections.

Generate Service Token

Click on the Manage Organization from an admin account and generate two service tokens, one for staging and the other for production.

Go to your TravisCI project setting, and add new secrets STAGING_ONBOARDBASE_TOKEN and PRODUCTION_ONBOARDBASE_TOKEN with the new service tokens, respectively.

Generate Setup File

Login to your Onboardbase account, select the project to set up for, click on the environment to switch to the right environment, then from the dropdown towards the right, once you open it, you'll see a generated setup you can copy.

Generate the setup for both your production and staging secrets.

Then, on TravisCI, create two new secrets with the name STAGING_ONBOARDBASE_SETUP and PRODUCTION_ONBOARDBASE_HOST and add the two setup configurations, respectively.

Access to a remote SSH server

This guide assumes you have SSH access to a remote server and also have access to the private key.

Add the private keys(staging and production servers) to your GitHub project secrets with the names PRODUCTION_SSH_KEY and STAGING_SSH_KEY, respectively.

Overall, to have the perfect configuration requirements, your CI process should have access to the following config variables:

  • STAGING_ONBOARDBASE_TOKEN
  • PRODUCTION_ONBOARDBASE_TOKEN
  • STAGING_ONBOARDBASE_SETUP
  • PRODUCTION_ONBOARDBASE_SETUP
  • STAGING_ONBOARDBASE_HOST
  • PRODUCTION_ONBOARDBASE_HOST
  • STAGING_SSH_KEY
  • PRODUCTION_SSH_KEY

A sample workflow

# declare your environment variables
env:
  # global will stay the same across all matrix possibilities (will not create additional combinations to run)
  global:
    - STAGING_ONBOARDBASE_TOKEN: $STAGING_ONBOARDBASE_TOKEN
    - STAGING_ONBOARDBASE_SETUP: $STAGING_ONBOARDBASE_SETUP
    - PRODUCTION_ONBOARDBASE_TOKEN: $PRODUCTION_ONBOARDBASE_TOKEN
    - PRODUCTION_ONBOARDBASE_SETUP: $PRODUCTION_ONBOARDBASE_SETUP
    - PRODUCTION_SSH_HOST: $PRODUCTION_SSH_HOST
    - STAGING_SSH_HOST: $STAGING_SSH_HOST
    - PRODUCTION_SSH_KEY: $PRODUCTION_SSH_KEY
    - STAGING_SSH_KEY: $STAGING_SSH_KEY


install:
  # Install onboardbase CLI
  - curl -Ss https://files.onboardbase.com/install.sh | bash - && source ~/.bashrc
  - onboardbase --version

before_script:
  # Authenticate the onboardbasae
  - onboardbase config:set-token $STAGING_ONBOARDBASE_TOKEN --scope (pwd)


deploy:
  - provider: script
    script: |-
      'which rsync || ( apt-get update -y && apt-get install rsync -y )' \
      'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )' \
      eval $(ssh-agent -s)
      ssh-add <(echo "$PRODUCTION_SSH_KEY")
      mkdir -p ~/.ssh
      echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
      echo "$PRODUCTION_ONBOARDBASE_SETUP" > ./.onboardbase.yaml \
      yarn test \
      ssh -o "StrictHostKeyChecking no" $PRODUCTION_SSH_HOST "cd ~/app && git fetch && git checkout dev && git pull origin dev && onboardbase build -c 'php artisan serve'"
    on:
      branch: master
  - provider: script
      'which rsync || ( apt-get update -y && apt-get install rsync -y )' \
      'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )' \
      eval $(ssh-agent -s)
      ssh-add <(echo "$STAGING_SSH_KEY")
      mkdir -p ~/.ssh
      echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
      echo "$STAGING_ONBOARDBASE_SETUP" > ./.onboardbase.yaml \
      yarn test \
      ssh -o "StrictHostKeyChecking no" $STAGING_SSH_HOST "cd ~/app && git fetch && git checkout dev && git pull origin dev && onboardbase build -c 'php artisan serve'"
    on:
      branch: dev

Test Pipeline

For the test stage to run successfully, we have to install Onboardbase CLI.

The deploy script installs, authenticates, and setup the runner using the staging or production credentials depending on the git branch it is running for so it can successfully read the secrets from the project and environment in the setup file.

'which rsync || ( apt-get update -y && apt-get install rsync -y )' \
'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )' \
eval $(ssh-agent -s)
ssh-add <(echo "$STAGING_SSH_KEY")
mkdir -p ~/.ssh
echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
echo "$STAGING_ONBOARDBASE_SETUP" > ./.onboardbase.yaml

Deployment

This CI/CD workflow file assumes you are using Onboardbase CLI to manage the environments already, please check one of our manage tutorial to set up a managed server.