How to clone private repo in container via app.yml?


(Zach Alexander) #1

I’d like to add a plugin by cloning a repo in app.yml. This fails because the repo is private.

The host machine’s public SSH key is registered with GitHub, and I can clone it there fine – so it seems like I want app.yml to read the host keys and add them to the container’s ~/.ssh. How would I do this?

I’d like to avoid pasting a private key into app.yml if possible, since I have it in version control.


(axil) #2

Not really replying to your question about using keys, but you can try try something like this:

https://username:password@github.com/username/project.git.


(Zach Alexander) #3

Yes, this is the easiest way, but it sucks because your password is in plaintext and also in version control (I have app.yml in version control).

If you could specify strings via environment variables (something like https://username:#{ENV.GITHUB_PASSWORD}@github.com/username/project.git) that would be an improvement.


(Kane York) #4

Note that this will also work with BitBucket, which has free private repositories.


(Mendel) #5

Is this still the recommended way of adding a private github repo to app.yml?


(Kane York) #6

Well, I would use (read: “demand that you use”) a separate account only used to access these repositories, with no wriet access, with a long (>20 char) pseudorandom password, but yes - the alternative involves copying files, which…ehhh…


(system) #7

(David Taylor) #8

You can now use OAuth tokens to clone private repositories, described here:


(David Taylor) #9