Skip to content
This repository has been archived by the owner on Dec 15, 2021. It is now read-only.

Latest commit

 

History

History
27 lines (20 loc) · 892 Bytes

README.md

File metadata and controls

27 lines (20 loc) · 892 Bytes
Raw

ssm-ssh-agent-buildkite-plugin

Superseded by iam-ssh-agent which improves security by removing the need for direct access to private key material.

Wraps the built-in Buildkite checkout phase in a one-shot SSH Agent, populated with an SSH Private key fetched from the AWS Systems Manager Parameter Store.

Requires the awscli to be installed.

  1. Add a Deploy Key to your GitHub repository.
  2. Open the AWS Systems Manager Parameter Store console and create a SecureString named /github/{organisation}/{repository}/deploy-key with the key.
  3. Ensure your Buildkite agent has AWS IAM credentials with permission for ssm:GetParameter and kms:Decrypt.

Example

steps:
- command: script/cibuild
  plugins:
  - "keithduncan/ssm-ssh-agent#v1.0"