I need to run some git commands from a ruby on rails application. I have the ssh private key (password protected) stored in an env var. How can I run git commands using the ssh keys from the env var without dumping it on the filesystem?
Asked
Active
Viewed 532 times
1
-
Git literally just runs ssh. (This isn't true of jgit or Go-git so be sure you're using the C version here before you use the rest of this comment.) The ssh command literally *only* reads the keys from either an agent or from the file system, so you will *have to* load the keys into one of these two. – torek Jun 15 '22 at 08:07
2 Answers
1
After some digging I found a solution using openssl:
echo "#{private_key}" | openssl rsa -passin pass:$PRIVATE_KEY_PASSPHRASE | ssh-add -
Kerby82
- 4,934
- 14
- 48
- 74
0
Assuming your key does not have passphrase, you can try adding it to an ssh-agent (that you can start automatically):
ssh-add - <<< "${SSH_PRIVATE_KEY}"
With passphrase, you would need to enter it somehow, which is not practical in your case.
The alternative is indeed to dump it to a file, but it can be a temp file which will be cleaned up.
In that case, set GIT_SSH_COMMAND to 'ssh -i /tmp/TempFileGenerated', and you git commands (clone/push/pull/...) will use that for any SSH URL.
VonC
- 1,262,500
- 529
- 4,410
- 5,250