
Installing private ssh deploy keys on Heroku


I'm creating a Node.js app that serves as a webhook for GitHub that will automatically deploy a certain private repo when changes are pushed. To make the webhook app as efficient as possible, I want to clone and pull the private repo into a temporary directory in my webhook's Heroku instance when it's deployed, so that when the webhook fires I only need to 'git pull' to get the latest updates and deploy them. It's easy enough to run a shell script when the webhook app is deployed (using package.json or the Procfile), but before I run git commands I have to install the private deploy key. Currently the private and public key are in my webhook repo (I know, I know, once I get it working I'll do better) so I tried installing it by adding this to my shell script (which was suggested here):

mkdir /app/.ssh
cp config/ssh/* /app/.ssh/
mkdir /tmp/repos
git clone --bare ssh://github.com/<username>/<repo>.git /tmp/repos/<repo>

but I'm getting:

Initialized empty Git repository in /tmp/repos/assets/
Host key verification failed.
fatal: The remote end hung up unexpectedly

The public key has been added as a deploy key in the repo I'm pulling, so my questions are:

  • Am I installing the private key in the correct directory?
  • Does the private key file have to have a particular name?
  • Is this approach even possible / recommended?
  • If not what's the best alternative?

Thanks!


Solution

  • If you want to access private repositories during build time then this buildpack is the best option:

    https://github.com/timshadel/heroku-buildpack-github-netrc

    This allows you to set an environment variable with a GitHub access token. During the build process, a .netrc file is created with the access token, which will give you access to any repositories for that user.

    If, however, you want to access private repositories during build time, e.g. if your web dyno is doing git operations, then you can specify the repository URI in a way that includes your access token:

    https://your_user:your_token@github.com/ABASystems/abas-engineering.git

    Both of these methods allow you to access private git repositories without exposing your password.
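
The .netrc approach from the answer can also be used from a dyno's own startup script. The sketch below is an added example, not code from the answer or from the buildpack: the GITHUB_AUTH_TOKEN config var and the function names are assumptions. It writes the token to an owner-only .netrc and strips credentials from the clone URL, because a token embedded in the URL is saved in the clone's git config as part of the remote URL.

```shell
#!/bin/sh
# Added example. GITHUB_AUTH_TOKEN and the function names are assumptions.

# Write a github.com entry to <home>/.netrc, readable by its owner only.
# $1 = access token, $2 = home directory (defaults to $HOME)
write_netrc() {
    token=$1
    home=${2:-$HOME}
    [ -n "$token" ] || { echo "write_netrc: empty token" >&2; return 1; }
    # Whitespace would break the netrc grammar, so refuse it.
    case $token in
        *[[:space:]]*) echo "write_netrc: token contains whitespace" >&2; return 1 ;;
    esac
    # umask 077 in a subshell: the file is created 0600 from the start.
    ( umask 077
      printf 'machine github.com\n  login %s\n  password x-oauth-basic\n' \
          "$token" > "$home/.netrc" ) || return 1
    chmod 600 "$home/.netrc"    # tighten a file that already existed
}

# Drop any user:token@ part from an http(s) URL before handing it to git.
strip_url_credentials() {
    printf '%s\n' "$1" | sed -E 's#^(https?://)[^/@]*@#\1#'
}

# Clone with the token supplied through .netrc instead of the URL.
# $1 = repository URL, $2 = destination directory
clone_private_repo() {
    write_netrc "${GITHUB_AUTH_TOKEN:?set GITHUB_AUTH_TOKEN as a config var}" || return 1
    git clone --bare "$(strip_url_credentials "$1")" "$2"
}
```
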