travis-ci setup releases with --github-token

Question

I am having problems using setup releases with a github token. I like travis-ci but I am not willing to hand out my github password - I need to use the token and I read the documentation as this should be possible this way. Unfortunately it still asks for pasword:

$ travis login --github-token XXXXXXXXX
Successfully logged in as ligi!

$ travis whoami 
You are ligi (ligi)

$ travis setup releases
Detected repository as ligi/gobandroid, is this correct? |yes| 
Username: 

Answer 1

The Travis CI CLI will not send the GitHub password to Travis CI, instead it will send it to GitHub and use it to generate a GitHub token (the same is true for travis login).

However, if you still feel uncomfortable, you can configure the deployment manually.

Add the following to your .travis.yml:

deploy:
  provider: releases
  api_key: "GITHUB OAUTH TOKEN"
  file: "FILE TO UPLOAD"
  skip_cleanup: true
  on:
    tags: true
    all_branches: true

You can encrypt the GitHub OAuth token via travis encrypt .... It is not necessary to be logged in via the CLI for this, and the encryption happens locally.

See http://docs.travis-ci.com/user/deployment/releases/ for the full documentation

Answer 2

I think you can use -t/--token option, e.g.

travis login --org --github-token G1tHu8T0K3N
travis setup releases --org -t G1tHu8T0K3N

Answer 3

Here's a route which doesn't involve typing your GitHub password into the terminal. I assume you have the travis CI installed. This assumes you're using travis-ci.org, but replacing --org with --com should work otherwise.

If github.com/your/repo was your repo:

1. Generate a Github personal access token with the following scope: read:org, public_repo, repo:status, repo_deployment, user:email, write:repo_hook
2. (Optional?) Login using travis login <your token> --org
3. Run echo <your key> | travis encrypt --org -r your/repo
4. Use that secret in your .travis.yml file as described in the documentation

You may need to provide full repo scope, but for the free tier of Travis, public_repo is enough. I'm also not sure which of the other scopes are mandatory.

echo is useful on Windows because Ctrl-D doesn't work properly in Powershell.