
git-ssh-key
Setup ssh private keys for git from environment variables
git-ssh-key makes it easy to set up ssh keys for git hosting services. It is meant primarily for CI, where it sets up an ssh key for access to private repos. One use case is installing npm packages from private git repos.
It has two prerequisites:-
git-ssh-key needs two things to function properly. The private key and the
url of the git host. You can provide any number of private key and host url
pairs by setting the proper environment variables. git-ssh-key looks for a
pattern in env variables to get pairs of private keys and hosts.
The pattern for private keys is:
GIT_SSH_KEY_XXXXX
Example:-
GIT_SSH_KEY_GITHUB
GIT_SSH_KEY_GITLAB
GIT_SSH_KEY_BUTBUCKET
GIT_SSH_KEY_COMPANY_GITLAB
These variables need to be set to the appropriate private keys, encoded in base64.
The pattern for host urls is:-
GIT_SSH_HOST_XXX
Example:-
GIT_SSH_HOST_GITHUB='github.com'
GIT_SSH_HOST_GITLAB='gitlab.com'
GIT_SSH_HOST_BUTBUCKET='bitbucket.org'
GIT_SSH_HOST_SELF_GITLAB=gitlab.self.com
For every host there must be a corresponding private key, and vice versa, with an exception for a few popular hosts.
You don't need to provide host urls for Github, Gitlab or Bitbucket. They are
set by default to 'github.com', 'gitlab.com' and 'bitbucket.org' respectively.
If you do provide host urls for these services, the provided urls
override the defaults.
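A pre-flight check for the pairing rules above, as an added example that is not git-ssh-key's own code: it lists which key/host pairs resolve and flags unmatched or malformed variables without copying key material into its output. The function name resolvePairs, the default suffix names GITHUB, GITLAB and BITBUCKET, and the PEM check on the decoded key are assumptions.

```javascript
// Added example, not git-ssh-key's own code. Default suffix names are assumed.
const DEFAULT_HOSTS = { GITHUB: 'github.com', GITLAB: 'gitlab.com', BITBUCKET: 'bitbucket.org' };
const STRICT_B64 = /^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$/;

// Returns the usable key/host pairs plus every problem found, without ever
// copying key material into the result (so it is safe to print in a CI log).
function resolvePairs(env) {
  const pairs = [], errors = [];
  for (const [name, value] of Object.entries(env)) {
    const m = /^GIT_SSH_KEY_(.+)$/.exec(name);
    if (!m) continue;
    const suffix = m[1];
    // An explicit GIT_SSH_HOST_<suffix> overrides the built-in default.
    const host = env[`GIT_SSH_HOST_${suffix}`] || DEFAULT_HOSTS[suffix];
    if (!host) {
      errors.push(`${name}: no GIT_SSH_HOST_${suffix} and no default host`);
      continue;
    }
    // Buffer.from(..., 'base64') silently skips invalid characters, so check first.
    const b64 = String(value).replace(/\s+/g, '');
    if (b64 === '' || !STRICT_B64.test(b64)) {
      errors.push(`${name}: value is not valid base64`);
      continue;
    }
    const decoded = Buffer.from(b64, 'base64').toString('utf8');
    if (!/^-----BEGIN [A-Z ]*PRIVATE KEY-----/.test(decoded.trimStart())) {
      errors.push(`${name}: decoded value does not look like a PEM private key`);
      continue;
    }
    pairs.push({ suffix, host, keyVar: name });
  }
  for (const name of Object.keys(env)) {
    const m = /^GIT_SSH_HOST_(.+)$/.exec(name);
    if (m && !(`GIT_SSH_KEY_${m[1]}` in env)) {
      errors.push(`${name}: host set without GIT_SSH_KEY_${m[1]}`);
    }
  }
  return { pairs, errors };
}

// Constructed sample input: the "key" is a placeholder, not real key material.
const fakeKey = Buffer.from('-----BEGIN OPENSSH PRIVATE KEY-----\nplaceholder\n-----END OPENSSH PRIVATE KEY-----\n').toString('base64');
const sampleEnv = {
  GIT_SSH_KEY_GITHUB: fakeKey,                                             // default host applies
  GIT_SSH_KEY_GITLAB: fakeKey, GIT_SSH_HOST_GITLAB: 'gitlab.example.com', // default overridden
  GIT_SSH_KEY_COMPANY_GITLAB: fakeKey, GIT_SSH_HOST_SELF_GITLAB: 'gitlab.self.com', // suffixes differ
  GIT_SSH_KEY_BROKEN: 'not base64!', GIT_SSH_HOST_BROKEN: 'git.example.org',
};
console.log(resolvePairs(sampleEnv));
```

In CI, pass process.env instead of the sample object and fail the job when errors is non-empty, before any key is written to disk.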
git-ssh-env setup
And it will set up ssh keys for all the services for which environment variables are set.
To clean up when you no longer need the access, run
git-ssh-env teardown
It will remove all the added keys and config.
See the example folder to get an idea about how git-ssh-env should be used.
In that folder, if you open the package.json file, you can see that it depends on a private package hosted on gitlab. That package in turn depends on a private package hosted on bitbucket. The two platforms have different keys.
I have added GIT_SSH_KEY_GITLAB and GIT_SSH_KEY_BUTBUCKET environment variables to Travis CI with respective private
keys in base64 encoded format.
index.js file checks that both the packages were added properly by checking the output.
This test is run on every CI build. You can see the log of the last build here.
npm install -g git-ssh-key
git-ssh-key [setup|teardown]
I got a lot of help from this gist.
MIT © Siddharth Doshi
FAQs
We found that git-ssh-key demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.