From what I can see, the idea is that CircleCi needs one key to clone repository from GitHub. One key to access the server to be deployed (when doing automatic deployment). And one key to clone from GitHub to the server to be deployed (since agent forwarding is not enabled). Why not do it all with just one deploy key (the first one)? Agent forwarding it to the server to be deployed, and then to GitHub?
I could probably do it like so:
deployment: staging: branch: master commands: - | echo 'Host example.com ForwardAgent yes IdentityFile /home/ubuntu/.ssh/id_circleci_github IdentitiesOnly yes' >> ~/.ssh/config - ssh-add ~/.ssh/id_circleci_github - bundle exec cap staging deploy
But that doesn’t seem like a good thing to do.