github - 在 GitHub Actions 的构建阶段安装私有(private)存储库

Question

我正在使用 GitHub Actions 部署到 Azure。在这个项目中，我使用我们自己的私有(private)存储库，我们托管在 GitHub 上。这些存储库将在构建期间安装，它们的链接存储在 requirements.txt 中。 ， 例如:

git+ssh://git@github.com/org-name/package-name.git

在本地，安装需求没有问题，因为我可以使用 SSH 访问这些私有(private)存储库。但是在构建 GitHub 操作期间我将如何访问这些。
我收到错误:

Collecting git+ssh://****@github.com/org-name/package-name.git (from -r requirements.txt (line 1))
  Cloning ssh://****@github.com/org-nam/package-name.git to /tmp/pip-req-build-9nud9608
ERROR: Command errored out with exit status 128: git clone -q 'ssh://****@github.com/org-name/package-name.git' /tmp/pip-req-build-9nud9608 Check the logs for full command output.
Error: Process completed with exit code 1.

这是有道理的，因为它是一个私有(private)存储库。

Answer 1

您可以尝试在您的 GitHub 操作工作流程中包含 webfactory/ssh-agent 行动:

When running a GitHub Action workflow to stage your project, run tests or build images, you might need to fetch additional libraries or vendors from private repositories.

GitHub Actions only have access to the repository they run for.

So, in order to access additional private repositories:

• create an SSH key with sufficient access privileges.
• Then, use this action to make the key available with ssh-agent on the Action worker node.
• Once this has been set up, git clone commands using ssh URLs will just work. Also, running ssh commands to connect to other servers will be able to use the key.

这将提供如下工作流程:

# .github/workflows/my-workflow.yml
jobs:
    my_job:
        ...
        steps:
            - actions/checkout@v1
            # Make sure the @v0.4.1 matches the current version of the
            # action 
            - uses: webfactory/ssh-agent@v0.4.1
              with:
                  ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
            - ... other steps