To follow this tutorial on your own computer, please install the
jet CLI locally first.
During your build you might want to access other repositories to pull in dependencies or push your code to other servers.
To do this you need to set up an encrypted SSH Key that is available as an environment variable and can be written to the
We will walk you through an example that will set up a key, encrypt it and make it available during the build. For cloning from Github another option is to use their OAuth Key instead of an SSH key.
The following command will create two files in your local repository.
keyfile.rsa contains your private key that we will encrypt and put into your repository. This encrypted file will be decrypted on Codeship as part of your build. The second file
keyfile.rsa.pub can be added to services that you want to access.
ssh-keygen -t rsa -b 4096 -C "firstname.lastname@example.org" -f keyfile.rsa
Now you have to copy the content of
keyfile.rsa into an environment file
sshkey.env. Make sure to replace newlines with \n so the whole SSH key is in one line. The following is an example of ssh_key.env.
PRIVATE_SSH_KEY=-----BEGIN RSA PRIVATE KEY-----\nMIIJKAIBAAKCFgEA2LcSb6INQUVZZ0iZJYYkc8dMHLLqrmtIrzZ...
After preparing the
sshkey.env file we can encrypt it with Jet. Follow the encryption tutorial to turn the
sshkey.env file into a
You can then add it to a service with the
encrypted_env_file option. It will be automatically decrypted on Codeship.
app: build: . encrypted_env_file: sshkey.env.encrypted
Before running a command that needs SSH available make sure to run the following commands in that container. They will set up the SSH key so you can access external services.
mkdir -p "$HOME/.ssh" echo -e $PRIVATE_SSH_KEY >> $HOME/.ssh/id_rsa