Reputation: 3265
Multiple ssh keys with git submodules
I am using an enterprise version of GITHUB. I am creating an automatic build server for to build our projects. These projects have submodules.
As this build server is not "me" (it cannot possess my user credentials) , it needs to be able to download the projects from GIT via the github "deploy keys" feature. (per-project read only ssh-keys)
The limitations are: 1. github expects me to log on as ssh://[email protected] 2. github enforces a policy where no two projects can share a deploy key (unlike regular user keys which are registered for the entire github server). [side question, what is the reasoning behind this?!] 3. My corporate IT does not allow shared arbitrary accounts: A user is always associated with a person, it cannot belong to a server.
As such, I think my only option is to use the deploy keys feature with different keys for different projects. (deploy keys were basically developed with this scenario in mind... )
The only way I found which I can setup multiple keys is: https://gist.github.com/jexchan/2351996
Now regarding submodules: This trick can only work for top-level projects, because that's the only place I can specify a custom hostname, as in: "git clone git@custom-git-host-name" command.
When it goes to init and update the submodules, it uses whatever hostname is in the parent repo (which is the original mygithubserver.com ) . When our devs use their personal keys, this works flawlessly. However, for the build-server which needs different deploy keys for different projects, this fails.
Is there a way to get around this, and have git use different ssh keys for different projects on the same server?
Is there some silly way to have 2 projects share deploy keys? (I am not allowed to modify github source code, as this is a really huge IT managed enterprise githib server)
Upvotes: 16
Views: 2745
Answers (1)
Reputation: 3265
I solved it by creating a small script file in the parent project containing the following:
git submodule init
ssh-agent sh -c "ssh-add -D; ssh-add some_private_key.pem; git submodule update some_dubmodule"
ssh-agent sh -c "ssh-add -D; ssh-add another_private_key.pem; git submodule update another_submodule"
Upvotes: 13
Related Questions
- How to use git submodule with ssh key?
- Setting up multiple SSH key access to Github
- How do I use multiple SSH keys on GitHub?
- Handling Multiple SSH keys
- How do I manage multiple ssh keys to be used on two different private repository in GIT
- How to handle multiple ssh-keys
- SSH key for multiple github repositories
- Multiple SSH Keys on the same device
- Multiple ssh keys
- Git submodule using a different ssh key?