Slide 1
Slide 1 text
circleci/androidͷ
OpenSSLʹؾΛ͚ͭΑ͏
@yamacraft
Slide 2
Slide 2 text
profile
• @yamacraft (Wataru Yamada)
• Mobile Application Engineer
• LeadingMark, inc
• team Y.G.E.(private)
• Ұ෦دߘ → → →
Slide 3
Slide 3 text
αϯϓϧϓϩδΣΫτ
https://github.com/yamacraft/android.RequestPermissions
Slide 4
Slide 4 text
લஔ͖
• ઌ΄ͲͷϓϩδΣΫτCircle CI 1.0ͰϏϧυ͢ΔΈΛೖ
Ε͍ͯͨ
• Circle CI 2.0ͩͱϏϧυૣ͘ͳΔͱฉ͍ͨͷͰɺࢼ͠ʹରԠ
ͯ͠ΈΑ͏ͱࢥͬͨ
• ͪͳΈʹൿಗใOpenSSLͰ҉߸Խͨ͠ϑΝΠϧʹೖΕͯ
͍Δʢ1.0࣌ʹެ͕ࣜҊͯͨ͠ํ๏Λ࠾༻ʣ
• https://github.com/circleci/encrypted-files
Slide 5
Slide 5 text
Circle CI2.0Ͱઃఆͨ͠༰
• imageެࣜͷcircleci/androidΛ༻
• OpenSSLͰ҉߸Խͨ͠ϑΝΠϧΛ෮ݩ͠ɺγ
εςϜͷڥมʹΈࠐΉ
• ͋ͱ./gradlew build͢Δ͚ͩ
Slide 6
Slide 6 text
decryptͰ͖ͳ͍…
Slide 7
Slide 7 text
Ͳ͏ͯ͠…
• circleci/android(apt)ͷOpenSSL 1.1.0f
• mac OS(homebrew)ͷOpenSSL1.0.2l
• 1.1.0͔Βޓੑʹͪΐͬͱʢ༷มߋʣ
͕͋ΔΒ͍͠…
Slide 8
Slide 8 text
ৄࡉ
• OpenSSL1.1.0ͱҎલͷόʔδϣϯͱͷޓੑ
• https://http2.try-and-test.net/openssl1_1_0_tips.html
Slide 9
Slide 9 text
ͰɺͲ͏ͨ͠ͷʁ
• ҉߸ԽϑΝΠϧΛ࡞Δ࣌ʹɺҰํؔΛ
sha256ࢦఆ͢ΔΦϓγϣϯΛࢦఆͯ͠ੜ͢
Δͱ෮߸ԽͰ͖ΔΑ͏ʹͳΔ
• openssl aes-256-cbc -md sha256 -e -in
secret-env-plain -out secret-env-cipher -k
$KEY
Slide 10
Slide 10 text
ϏϧυͰ͖ͨʂ
Slide 11
Slide 11 text
·ͱΊ
OpenSSLͷόʔδϣϯҧ͍ʹؾΛ͚ͭΑ͏ʂ
Slide 12
Slide 12 text
͓͠·͍