Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for specifying a SSH key per git repository #37

Closed
larstobi opened this issue May 27, 2013 · 5 comments
Closed

Add support for specifying a SSH key per git repository #37

larstobi opened this issue May 27, 2013 · 5 comments
Labels
feature

Comments

@larstobi
Copy link

Using a Puppetfile with modules in private git repositories using SSH requires using a SSH private key.

Using the "deploy key" feature in Github and Github Enterprise will grant access to repositories for machines. It disallows duplicate SSH keys accross the entire site. Each repository needs to have it's separate deploy key.

This could be solved by generating multiple keys, one per repository, and speficying the SSH key to git when fetching.

Example config:

mod 'site-nrpe',
    :git => 'git@github.com:organization/puppet-site-nrpe.git',
    :sshkey_path => '/var/opt/lib/r10k/.ssh/puppet-site-nrpe_id_rsa'

What do you think?
@adrienthebo
Copy link
Contributor

👍 for this behavior. However the last time I played with Github deploy keys I think there had to be some special environment variable magic to do this on a per-repo basis.

In addition this would need to be done for the Puppetfile as well as top level sources, right?

@Ancillas
Copy link

Can't this be managed using an SSH config file? Does it make sense for it
to be managed by r10k?

Greg

On May 28, 2013, at 12:04 AM, Adrien Thebo notifications@github.com wrote:

[image: 👍] for this behavior. However the last time I played with Github
deploy keys I think there had to be some special environment variable magic
to do this on a per-repo basis.

In addition this would need to be done for the Puppetfile as well as top
level sources, right?


Reply to this email directly or view it on
GitHubhttps://github.com//issues/37#issuecomment-18529833
.

@larstobi
Copy link
Author

Ancillas: I think maybe your approach is better. It may be out of r10k's area of responsibility.

For instance, sharing the Puppetfile between puppet masters and developers, presents problems if it contains sshkey_paths to keys, which may not exist everywhere, and r10k shouldn't generate keys.

@adrienthebo
Copy link
Contributor

@larstobi to follow up on this do you think this sort of functionality is still needed, or can we close this issue out?

@larstobi
Copy link
Author

@adrienthebo yes, I think this functionality is better served by an SSH config file, as @Ancillas suggested.

sarameisburger pushed a commit to sarameisburger/r10k that referenced this issue Apr 12, 2019
@adrienthebo
Merge pull request puppetlabs#37 from shrug/4.0.x
af8a3d3 
Merge 3.99.x into 4.0.x
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@larstobi @adrienthebo @Ancillas