Skip to content

Commit

Permalink
Reroll CircleCI secrets (#4433)
Browse files Browse the repository at this point in the history 
Summary:
Rerolled the secrets used to publish to maven and the key to encrypt the additional gradle properties. Changing to pbkdf2-based key derivation, too, which should hopefully be supported by the CircleCI host.

Ref: https://circleci.com/blog/january-4-2023-security-alert/
Ref: T141744585

Pull Request resolved: #4433

Reviewed By: antonk52

Differential Revision: D42431128

Pulled By: passy

fbshipit-source-id: ec0ba2c7eecfd8cb206ccf2086604bf28dbea313
  • Loading branch information
@passy @facebook-github-bot
passy authored and facebook-github-bot committed Jan 10, 2023
1 parent f8161d6 commit 882b969
Show file tree
Hide file tree
Showing 2 changed files with 1 addition and 1 deletion.
Binary file modified scripts/gradle-publish-keys.enc
View file
Binary file not shown.
2 changes: 1 addition & 1 deletion scripts/publish-android-snapshot.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,6 @@ elif [ "$IS_SNAPSHOT" == "" ]; then
echo "Skipping build. Given build doesn't appear to be a SNAPSHOT release."
exit 1
else
openssl aes-256-cbc -d -in scripts/gradle-publish-keys.enc -k "$ANDROID_PUBLISH_KEY" >> "$BASEDIR/gradle.properties"
openssl aes-256-cbc -pbkdf2 -d -in scripts/gradle-publish-keys.enc -k "$ANDROID_PUBLISH_KEY" >> "$BASEDIR/gradle.properties"
"$BASEDIR"/gradlew publish
fi

0 comments on commit 882b969

Please sign in to comment.