Rakefile in rake_easy_rsa-0.7.0 vs Rakefile in rake_easy_rsa-0.8.0.pre.1

@@ -1,21 +1,44 @@
 require 'yaml'
 require 'rake_circle_ci'
 require 'rake_github'
 require 'rake_ssh'
+require 'rake_gpg'
+require 'securerandom'
 require 'rspec/core/rake_task'
 
 task :default => :spec
 
 RSpec::Core::RakeTask.new(:spec)
 
-RakeSSH.define_key_tasks(
-    namespace: :deploy_key,
-    path: 'config/secrets/ci/',
-    comment: 'maintainers@infrablocks.io'
-)
+namespace :encryption do
+  namespace :passphrase do
+    task :generate do
+      File.open('config/secrets/ci/encryption.passphrase', 'w') do |f|
+        f.write(SecureRandom.base64(36))
+      end
+    end
+  end
+end
 
+namespace :keys do
+  namespace :deploy do
+    RakeSSH.define_key_tasks(
+        path: 'config/secrets/ci/',
+        comment: 'maintainers@infrablocks.io')
+  end
+
+  namespace :gpg do
+    RakeGPG.define_generate_key_task(
+        output_directory: 'config/secrets/ci',
+        name_prefix: 'gpg',
+        owner_name: 'InfraBlocks Maintainers',
+        owner_email: 'maintainers@infrablocks.io',
+        owner_comment: 'rake_easy_rsa CI Key')
+  end
+end
+
 RakeCircleCI.define_project_tasks(
     namespace: :circle_ci,
     project_slug: 'github/infrablocks/rake_easy_rsa'
 ) do |t|
   circle_ci_config =
@@ -25,10 +48,11 @@
   t.environment_variables = {
       ENCRYPTION_PASSPHRASE:
           File.read('config/secrets/ci/encryption.passphrase')
               .chomp
   }
+  t.checkout_keys = []
   t.ssh_keys = [
       {
           hostname: "github.com",
           private_key: File.read('config/secrets/ci/ssh.private')
       }
@@ -53,9 +77,10 @@
 
 namespace :pipeline do
   task :prepare => [
       :'circle_ci:project:follow',
       :'circle_ci:env_vars:ensure',
+      :'circle_ci:checkout_keys:ensure',
       :'circle_ci:ssh_keys:ensure',
       :'github:deploy_keys:ensure'
   ]
 end