Project to showcase installing of python dependencies using github Actions from private git reporistories. Python library to install: aws-pylib (fork)
- Create a keypair somewhere using
ssh-keygen -t rsa -b 4096without passphrase. Don't overwrite your current one ;) - Add a new Deploy key
ACTIONS_PIP_ACCESS_EXAMPLE_PROJECT_PUBtoaws-pylibwith the content of fileid_rsa.pub - Add a new secret to this dependent project
pip-example-projectACTIONS_PIP_ACCESS_EXAMPLE_PROJECT_PRIV= content ofid_rsa - Commit a change and see how the github actions
install-dep-sshis running
- Generate new keypair for each dependent application.
- If multiple libraries are required, add content of
id_rsa.pubas a new deploy key to required repo.- For this save the
id_rsa.pubinside the dependent project id_rsa.pub, so you can easily get the public key to add new deploy keys.
- For this save the
- Generate Personal access tokens with scope
repoACTIONS_PIP_ACCESS_EXAMPLE_PROJECT_TOKEN- If you don't want to create the token on a real user, create a machine user git account and generate a token for each dependent repository.
- The machine user should only have read-access to the repositories.
- Add a new secret to this dependent project
pip-example-projectwith same name:ACTIONS_PIP_ACCESS_EXAMPLE_PROJECT_TOKEN= generated token - Commit a change and see how the github actions
install-dep-httpsis running
- As it is a PAT, dependent project has access to ALL private repositories.