Multiple deploy keys not working #88
Description
Context
I am trying to automate the CI pipeline for our internal python package development workflow which executes using Github Actions. Some of our internal packages depend on other internal packages, all which are private and hosted on Github.
We use pip as the package manager.
I am encountering issues with multiple deploy keys.
I have followed the usual set up of:
- creating SSH keys (PEM with the comments outlined as specified by README, e.g.
ssh-keygen -t rsa -b 4096 -C "git@github.com:some_owner/some_repo.git" -m PEM - adding public component as deploy key for private dependency
- adding private key as secret to repo of interest (repo pulling this private dependency)
Using v0.5.3, this is what I see in the workflow output - seems related to not being able to parse the comment correct and recognise deploy keys:
2021-07-26T10:57:05.7794800Z env:
2021-07-26T10:57:05.7796581Z GITHUB_TOKEN: ***
2021-07-26T10:57:05.7798527Z pythonLocation: /opt/hostedtoolcache/Python/3.7.11/x64
2021-07-26T10:57:05.7806040Z LD_LIBRARY_PATH: /opt/hostedtoolcache/Python/3.7.11/x64/lib
2021-07-26T10:57:05.7807692Z ##[endgroup]
2021-07-26T10:57:05.8422742Z Adding GitHub.com keys to /home/runner/.ssh/known_hosts
2021-07-26T10:57:05.8436751Z Starting ssh-agent
2021-07-26T10:57:05.8765906Z SSH_AUTH_SOCK=/tmp/ssh-az1ZZWNazbO4/agent.1585
2021-07-26T10:57:05.8768382Z SSH_AGENT_PID=1586
2021-07-26T10:57:05.8770059Z Adding private key(s) to agent
2021-07-26T10:57:05.8991691Z Identity added: (stdin) ((stdin))
2021-07-26T10:57:05.9097294Z Identity added: (stdin) ((stdin))
2021-07-26T10:57:05.9099336Z Key(s) added:
2021-07-26T10:57:05.9138860Z 4096 SHA256:****.. (stdin) (RSA)
2021-07-26T10:57:05.9142390Z 4096 SHA256:****.. (stdin) (RSA)
2021-07-26T10:57:05.9150853Z Configuring deployment key(s)
2021-07-26T10:57:05.9215038Z Comment for key 'ssh-rsa blah blah (stdin)' does not match GitHub URL pattern. Not treating it as a GitHub deploy key.
2021-07-26T10:57:05.9265081Z Comment for key 'ssh-rsa blah blah (stdin)' does not match GitHub URL pattern. Not treating it as a GitHub deploy key.
2021-07-26T10:57:05.9287781Z Comment for key '' does not match GitHub URL pattern. Not treating it as a GitHub deploy key.
As a result, the first dependency is correctly cloned and installed, but the second fails.
Also, not sure why it is implying that it is looking for comments in a 3rd key, when only two keys are required.
It may be easier to use a direct mapping from key to repo, similar to the implementation in this fork.