intRG

Reputation: 45

Dynamically add and remove ssh keys to private gitlab repo

I need the VM created by the gitlab-ci.yml (running Ubuntu 14.04) to install packer and then both access and download either my entire private gitlab repo, or just an individual file from that repo.

First, I tried creating an SSH key in my script that creates the container and VM, and then remotely adding the .pub to the GitLab repo. However, I forgot that the newly created container is discarded upon completion of the build, meaning new keys are generated every time the container is created.

Is there any way that I can dynamically add and delete keys to a private GitLab repo?

Upvotes: 0

Views: 1757

Answers (1)

Jonathon Reinhart

Reputation: 137398

To use SSH keys in a GitLab CI Docker container to access other repositories on the GitLab server:

  • Generate an SSH key pair (once).
  • Add the public key as a deploy key everywhere that key should be granted access.
  • Inject the key into the container by doing the following:
    • Add the private key as a secret variable named SSH_PRIVATE_KEY
    • Add the following to the before_script in your .gitlab-ci.yml file
  • Inject the GitLab server SSH host key into the container:
    • Add the host key as a secret variable named GITLAB_HOST_KEY
    • Add the following to the before_script in your .gitlab-ci.yml file

before_script:
  # Add SSH private key and GitLab server host key
  - eval $(ssh-agent -s)
  - ssh-add <(echo "$SSH_PRIVATE_KEY")
  - mkdir -p /root/.ssh
  - echo "$GITLAB_HOST_KEY" >> /root/.ssh/known_hosts

Upvotes: 5
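An added example, not part of the answer above or of GitLab's own tooling: a shell helper a job could call in place of the plain `echo ... >> known_hosts` line, so the job fails closed when GITLAB_HOST_KEY is empty, spans several lines, or pins a different host. The function names and `gitlab.example.com` are assumptions, and unlike the answer's line it overwrites known_hosts rather than appending.

```shell
#!/bin/sh
# Added example. check_host_key / install_host_key are hypothetical names;
# gitlab.example.com is a placeholder for your GitLab server.

# Succeeds only if $1 is exactly one plain known_hosts line for host $2:
#   <host> <key-type> <base64-key> [comment]
# Wildcards, @markers, hashed names and comma-separated host lists are rejected.
check_host_key() {
    entry=$1 host=$2
    nl='
'
    [ -n "$entry" ] || return 1
    # One pinned key only: refuse values carrying extra lines.
    case $entry in *"$nl"*) return 1 ;; esac
    # read splits on spaces without glob-expanding a "*" host field.
    IFS=' ' read -r h type key rest <<EOF
$entry
EOF
    [ "$h" = "$host" ] || return 1
    case $type in
        ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521) ;;
        *) return 1 ;;
    esac
    case $key in
        ''|*[!A-Za-z0-9+/=]*) return 1 ;;   # must be non-empty base64
    esac
    return 0
}

# Validate the entry, then write it to <dir>/known_hosts (dir 700, file 600).
install_host_key() {
    entry=$1 host=$2 dir=$3
    if ! check_host_key "$entry" "$host"; then
        echo "refusing to trust host key for $host" >&2
        return 1
    fi
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    ( umask 077 && printf '%s\n' "$entry" > "$dir/known_hosts" )
}

# In before_script (assumed host name):
#   install_host_key "$GITLAB_HOST_KEY" gitlab.example.com /root/.ssh
```

Take the value for GITLAB_HOST_KEY from a source you trust, such as the server's own `/etc/ssh/ssh_host_*_key.pub` files, not from a scan run inside the job.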
