From cf9098255963a15168bc3d5216428498c1ce3609 Mon Sep 17 00:00:00 2001
From: Rodrigo Fernandes <rtfrodrigo@gmail.com>
Date: Tue, 31 Jul 2018 19:02:56 +0100
Subject: [PATCH] Add gpg key

---
 .circleci/config.yml             | 15 +++++++++++++++
 scripts/setup-aws-credentials.sh | 14 ++++++++++++++
 2 files changed, 29 insertions(+)
 create mode 100755 scripts/setup-aws-credentials.sh

diff --git a/.circleci/config.yml b/.circleci/config.yml
index a96b7d12..104cf090 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -129,6 +129,20 @@ jobs:
       - *setup_dependencies_key
       - *restore_dependencies
       - *restore_build
+      - run:
+          name: Install AWS CLI
+          command: |
+            sudo apt -y update
+            sudo apt -y install python3-pip
+            sudo python3 -m pip install awscli
+      - run:
+          name: Setup AWS Credentials
+          command: ./scripts/setup-aws-credentials.sh
+      - run:
+          name: Retrieve GPG Keys
+          command: |
+            mkdir -p ~/.gnupg
+            aws s3 sync --profile shared-services --include '*.gpg' s3://$AWS_CREDENTIALS_BUCKET/gnupg/ ~/.gnupg
       - run:
           name: Publish library
           command: ./scripts/publish-lib.sh 5.0.$CIRCLE_BUILD_NUM
@@ -191,6 +205,7 @@ workflows:
           requires:
             - compile
       - publish_library:
+          context: CodacyAWS
           requires:
             - compile
             - test
diff --git a/scripts/setup-aws-credentials.sh b/scripts/setup-aws-credentials.sh
new file mode 100755
index 00000000..e87c941f
--- /dev/null
+++ b/scripts/setup-aws-credentials.sh
@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+set -e
+
+mkdir -p ~/.aws && touch ~/.aws/credentials
+
+cat >> ~/.aws/credentials << EOF
+[default]
+aws_access_key_id=$ACCESS_KEY_ID
+aws_secret_access_key=$SECRET_ACCESS_KEY
+[shared-services]
+source_profile = default
+role_arn = arn:aws:iam::$ACCOUNT_ID:role/CredentialsBucketReader
+EOF
\ No newline at end of file