Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Install private repository in build stage on GitHub Actions

I am using GitHub Actions to deploy to Azure. In this project I am using our own private repository's which we host on GitHub. These repository's will be installed during build and their links are stored in requirements.txt, for example:

git+ssh://[email protected]/org-name/package-name.git

Locally, there is no problem installing the requirements, since I have access to these private repository's with SSH. But how would I access these during build in GitHub actions.

I get the error:

Collecting git+ssh://****@github.com/org-name/package-name.git (from -r requirements.txt (line 1))
  Cloning ssh://****@github.com/org-nam/package-name.git to /tmp/pip-req-build-9nud9608
ERROR: Command errored out with exit status 128: git clone -q 'ssh://****@github.com/org-name/package-name.git' /tmp/pip-req-build-9nud9608 Check the logs for full command output.
Error: Process completed with exit code 1.

Which makes sense, since it is a private repository.

like image 913
Erfan Avatar asked Nov 06 '20 13:11

Erfan


People also ask

Can other repositories use my GitHub actions?

GitHub Actions from private repositories cannot be directly used by otherrepositories, even if they belong to the same organization.

Can actions/checkout@v2 handle private repositories?

Updated on 06/18/2020: actions/checkout@v2 can now handle private repositories. See the updated solution. GitHub Actions are awesome. The ability of build workflows nicely coupled to source code and backed by cloud computing is truly awesome. No wonder the feature will be moving to general availability on November 13.

How do I install dependencies from private GitHub repositories?

This is how I have managed to install dependencies from private GitHub repositories. Dependencies in package.json can be added as follows. The github: prefix is optional. Specifying the #branch or #tag is also optional. Here is an example workflow. PAT is a repo scoped Personal Access Token.

How do I commit to GitHub and push to server?

You can now commit the code and push it to GitHub. Once in your GitHub repository, you can run the action manually by going to the Actions section on GitHub's web interface. Under Workflows you'll see the Deploy To Server workflow, select it and you'll be able to click Run workflow.


1 Answers

You might try and include in your GitHub Action workflow the webfactory/ssh-agent action:

When running a GitHub Action workflow to stage your project, run tests or build images, you might need to fetch additional libraries or vendors from private repositories.

GitHub Actions only have access to the repository they run for.

So, in order to access additional private repositories:

  • create an SSH key with sufficient access privileges.
  • Then, use this action to make the key available with ssh-agent on the Action worker node.
  • Once this has been set up, git clone commands using ssh URLs will just work. Also, running ssh commands to connect to other servers will be able to use the key.

That would give a workflow like:

# .github/workflows/my-workflow.yml
jobs:
    my_job:
        ...
        steps:
            - actions/checkout@v1
            # Make sure the @v0.4.1 matches the current version of the
            # action 
            - uses: webfactory/[email protected]
              with:
                  ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
            - ... other steps
like image 51
VonC Avatar answered Oct 14 '22 10:10

VonC