SSH Deploy Keys

ssh
composer
github

#1

Is it possible to add deploy keys for more than one private repository when setting up a project?

I can’t see anything mentioned about this specifically here: https://circleci.com/docs/github-security-ssh-keys/

Repo#1 requires Repo#2, directly via GitHub url in a composer.json file.

Both Repo#1 and Repo#2 are private repositories under an organization on GitHub.

“composer install” ends up giving me an error stating that Repo#2 doesn’t exist, however when I add a public key for my user this problem disappears.

Instead of this, I have tried adding a new deploy key to Repo#2 on GitHub, and adding the matching private key under “SSH Permissions” on the CircleCI project, but this ends up giving me the same problem I had initially.

I expected this to work… can anyone explain what’s going wrong?

I’d rather not add a public key for my user if at all possible, as I only need read permissions on one other private repo, which is exactly what the deploy keys are for.

Any insight on this would be appreciated!

Thanks a lot.


#2

I opened a ticket internally and moved your post to the feature requests section.


#3

In the mean time, have you considered creating a machine user? The idea is that you create a Github user with all the permissions you care about, and then use that to pull your repos. That way, you shouldn’t have to grant any unnecessary permissions.


#4

Hi Eric,

I have taken a look at machine users and it looks like it would work, but since we are using CircleCI to run tests on private repo’s under an organisation on GitHub, we would have to pay an extra $9 a month to create this machine user.

In the mean-time I have added my user key to the project but we would much prefer the ability to attach multiple deploy keys to a project.


#5

Are their any updates on this? I’d like this feature as well, and it’s been over a year since there’s been any activity.


#6