Superseded by iam-ssh-agent which improves security by removing the need for direct access to private key material.
Wraps the built-in Buildkite checkout phase in a one-shot SSH Agent, populated with an SSH Private key fetched from the AWS Systems Manager Parameter Store.
Requires the awscli to be installed.
- Add a Deploy Key to your GitHub repository.
- Open the AWS Systems Manager Parameter Store console and create a
SecureString named
/github/{organisation}/{repository}/deploy-key
with the key. - Ensure your Buildkite agent has AWS IAM credentials with permission for
ssm:GetParameter
andkms:Decrypt
.
steps:
- command: script/cibuild
plugins:
- "keithduncan/ssm-ssh-agent#v1.0"