How do you automatically deploy from Github if your repo is private? The first time I had to this it was a nightmare, simply because the Github documentation assumes that all of its users possess a knowledge base bordering on the absurd. The reality is that setting this up is easy once you’ve seen how it all works. This setup should take you around 15 minutes to complete.
Summary
Github and the git command-line program work in concert to provide a way to interact with a private repo using SSH. Github private repos include an additional page where you can add a public SSH key (a, “deployment key“) to facilitate remote connections from servers that need to download (ie “clone”) your private repo. The git command-line program understands special syntax for connecting to a private repo via SSH.
Setup Work Flow
1. Create an SSH key pair from any computer.
Github provides an additional configuration page for private repos where you can manage deployment keys. But strangely, GitHub doesn’t automatically generate the SSH key for you, nor do they provide any means of creating such a key from their site. The page simply contains a large, empty text field where you’re supposed to paste your public key, but there’s no explanation of where the key comes from.
You have to create a key. You can do this step on any computer with ssh-keygen installed. However, you can save some time by doing this step on your deployment server — assumed to be some kind of Linux server — and storing the files in ~/.ssh/, where the “~” means your home folder.
We’ll do this with a command-line utility named ssh-keygen that comes pre-installed on most operating systems. Ssh-keygen asks you a couple of questions then creates two files: a private key, and a public key. Incidentally, you can name these files anything you want, and you can also use any file extension you want including no file extension at all.
GitHub actually provides very good documentation on how to use this tool to create the SSH key pair that you’ll need in order to create a deployment key.
I’m republishing their exact instructions, along with my own annotations, for your convenience.
- Open Terminal.
- Paste the text below, substituting in your GitHub email address.
$ ssh-keygen -t rsa -b 4096 -C "<em>your_email@example.com</em>"This creates a new ssh key, using the provided email as a label.
> Generating public/private rsa key pair. - When you’re prompted to “Enter a file in which to save the key,” press Enter. This accepts the default file location.
-
> Enter a file in which to save the key (/Users/<em>you</em>/.ssh/id_rsa): <em>[Press enter]</em> - At the prompt, type a secure passphrase. For more information, see “Working with SSH key passphrases”.
> Enter passphrase (empty for no passphrase): <em>[Type a passphrase]</em> > Enter same passphrase again: <em>[Type passphrase again]</em>
- Open Terminal.
- Paste the text below, substituting in your GitHub email address.
$ ssh-keygen -t rsa -b 4096 -C "<em>your_email@example.com</em>"This creates a new ssh key, using the provided email as a label.
> Generating public/private rsa key pair. - When you’re prompted to “Enter a file in which to save the key,” press Enter. This accepts the default file location.
> Enter a file in which to save the key (/Users/<em>you</em>/.ssh/id_rsa): <em>[Press enter]</em> - At the prompt, type a secure passphrase. For more information, see “Working with SSH key passphrases”.
> Enter passphrase (empty for no passphrase): <em>[Type a passphrase]</em> > Enter same passphrase again: <em>[Type passphrase again]</em>