设置 Gitlab CI 以允许克隆其他私有存储库
像 GoLang 这样的一些项目可能需要在构建期间克隆其他依赖的 GitLab 存储库。要使此工作正常,你可以向相关存储库添加部署密钥,并将私钥(无密码)放入源存储库。
在构建期间依赖于其他存储库的 Git 存储库中创建并签入 SSH 密钥:
ssh-keygen -t rsa -b 4096 -C "My CI Deploykey"
# In the following promt name the key "deploykey" and leave the passphrase empty
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa): deploykey
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in deploykey.
Your public key has been saved in deploykey.pub.
# check-in both files
使用 deploykey.pub
在依赖存储库中配置 deploykey。你可以在 GitLab 项目设置中找到 Deploykey 页面。
现在将以下内容添加到 .gitlab-ci.yml
中
before_script:
# Git and SSH setup to clone private repos
# Needs the deploykey file to be installed in all dependent repositories
- git config --global url."git@gitlab.com:".insteadOf "https://gitlab.com/"
# Add gitlab to known_hosts
- mkdir -p ~/.ssh && chmod 700 ~/.ssh
- ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts
# Start the ssh agent and add the deploykey
- chmod 400 deploykey
- eval $(ssh-agent -s)
- ssh-add deploykey
现在,在你的构建中任何对 git clone
的调用都应该有效。即使它是通过其他工具,如 go get
,govendor sync
,或任何你正在使用的工具。