I know I mentioned that I’ve been using the token method for installing private plugins, but when building plugins for clients I’ve learned that I don’t want to use a token from my own GitHub account. The client would then have access to all the repos I have access to.
An alternative has been to set up a machine user and grant that user a token that can be used once the machine user is made a collaborator on the private repo. But I don’t really feel like paying for an extra collaborator seat for each machine user.
I still use tokens on demo servers, but for production scenarios, I went back to the original way of installing private plugins. I did run into issues with the original instructions. What eventually worked for me was the following:
## Remember, this is YAML syntax - you can only have one block with a name run: - exec: echo "Beginning of custom commands" - exec: cd /var/www/discourse && sudo -u discourse bundle install --deployment --without test --without development - exec: mkdir /root/.ssh - exec: chmod 700 /root/.ssh - exec: echo "Host github.com\n\tStrictHostKeyChecking no\n" >> /root/.ssh/config - file: path: /root/.ssh/id_rsa chmod: 600 contents: | -----BEGIN RSA PRIVATE KEY----- -----your private key string----- -----END RSA PRIVATE KEY----- - file: path: /root/.ssh/id_rsa.pub chmod: 600 contents: ssh-rsa ---your long string--- user@discourse - exec: cd $home/plugins && git clone email@example.com:USERNAME/REPO-NAME.git - exec: cd $home && sudo -E -u discourse bundle exec rake db:migrate - exec: cd $home && rm -fr tmp/cache - exec: cd $home && sudo -E -u discourse bundle exec rake assets:precompile - exec: rm /root/.ssh/id_rsa - exec: rm /root/.ssh/id_rsa.pub - exec: chmod 600 /root/.ssh - exec: echo "End of custom commands"