How to link a deployment script/repo from an application repo in Gitlab CD?
Let’s say you have:
Repo Awith a generic application.
Repo Bwith an Ansible deployment script.
Inside the RepoA CI/CD runner, I want to run the Ansible script from Repo B. What’s the best/easiest way to do this?
What I am trying is to create an extra ssh key for RepoB only and feed it into the runner via Secret Variables. Unfortunately, I would have to create a dummy user, that only has access to RepoB for that.
Is there any other ways I could do that? It seems like that should be a pretty common workflow for deployments.
One Solution collect form web for “How to link a deployment script/repo from an application repo in Gitlab CD?”
You’re right, that’s a pretty common use case. Gitlab uses what it calls
Deploy Keys to achieve this (more info here).
I’ve answered a similar question here.
Below is a version of that answer tuned to your specific needs.
First generate a SSH key pair. You can use
ssh-keygen -t rsa for that.
Then go to Repo B’s gitlab page and locate the
Deploy Keys setting. There you should paste the public key you just generated.
Then go to Repo A locate the
Variables page. Create a new private variable with the name
SSH_PRIVATE_KEY for instance and paste the private key you generated there.
Finally, in your
.gitlab-ci.yml file add the following so that your private key will be available to your CI environment:
- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )' # Run ssh-agent (inside the build environment) - eval $(ssh-agent -s) # Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store - ssh-add <(echo "$SSH_PRIVATE_KEY") - mkdir -p ~/.ssh - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
Your Repo A CI environment should now be setup so that in can pull Repo B.