This action modifies the Git and SSH configuration with the specified GitHub deploy keys to access other private repositories on the GitHub-hosted Windows, Linux, and macOS runners.

Note that this action does not use ssh-agent.

Required Deploy keys of other private repositories.

To create a deploy key available for this action, you need to embed the SSH URL of the repository into the key comment. For instance, if the SSH URL of the repository is [email protected]:foo/bar.git, you can create the deploy key using the following command: ssh-keygen … -C '[email protected]:foo/bar.git'.

    steps:
    - name: Setting up deploy keys
      uses: maroontress/deploy-keys@v1
      with:
        keys: |
          ${{ secret.BAR_DEPLOY_KEY }}
          ${{ secret.BAZ_DEPLOY_KEY }}
    - name: Clone the private repositories
      shell: bash
      run: |
        git clone --depth 1 [email protected]:foo/bar.git
        git clone --depth 1 [email protected]:foo/baz.git

Please use a full-length commit SHA instead of the tag like v1. For a more realistic example, see here.

This action assigns a unique fake hostname to each repository in the Git layer, converts the fake hostname to github.com in the SSH layer, and associates the fake host with the SSH key of the corresponding repository.

This action modifies the ~/.gitconfig file by executing git config with url.<base>.instantOf variables for each deploy key. After running this action, you can check the configuration with git config --global --list, which prints as follows:

[email protected]:foo/[email protected]:foo/bar
[email protected]:foo/[email protected]:foo/baz

This action overwrites ~/.ssh/config. After running this action, the content of ~/.ssh/config will be as follows:

Host fake0.github.com
  HostName github.com
  IdentityFile C:\Users\runneradmin\.ssh\fake0.github.com
  IdentitiesOnly yes

Host fake1.github.com
  HostName github.com
  IdentityFile C:\Users\runneradmin\.ssh\fake1.github.com
  IdentitiesOnly yes

The path of IdentityFile will vary depending on the platform (the above example is on the Windows runner).

This action also creates ~/.ssh/known_hosts containing the SSH public key of github.com.

This action creates ~/.ssh/fakeN.github.com (N = 0, 1, …) files to save the deploy keys (i.e., the SSH private keys). These files are referenced by the IdentityFile entries in ~/.ssh/config.

Don't use this action on the persistent self-hosted runners.

For serious use of this action, to mitigate the security risks, you should:

• Copy (fork) this repository to your organization before using it, and then use your private (or public) repository you copied or
• Pin this action to a full length-commit SHA.

It is also advisable to audit the source code of this action before use.

See Commit, tag, and push your action to GitHub — Creating a JavaScript action.

sudo npm i -g @vercel/ncc
ncc build index.js --license licenses.txt

npx eslint index.js