SSH Keys With Remote Git Pulls

In publishing this web site, I use vim, Git, SSH, Docker, Jekyll (which uses a lot of Ruby) and Gitlab. A push to Gitlab triggers a job in my jobrunner tool (could be Jenkins or Go), which runs a command on a remote machine, which runs a git pull, builds the Docker container (if needed), runs Jekyll on the new content, rsyncs the new content in place and removes any old stuff that’s now gone. The tricky part was getting the remote git command to use a specific SSH key. What I ended up doing was this:

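# prepare to run git with SSH with our private deploy key
GITTMP=$(mktemp)
# absolute path, so the key path still resolves after the cd below
CLONE_DIR=$(cd "$(dirname "$0")" && pwd)
cd "$CLONE_DIR"
# write a small wrapper script that adds "-i <key>" to every ssh call
echo "#!/bin/bash" >> "$GITTMP"
echo "set -e" >> "$GITTMP"
echo "set -u" >> "$GITTMP"
# "\$@" is quoted inside the wrapper so each argument from git is passed on intact
echo "ssh -i \"$CLONE_DIR/deploy_keys/water\" \"\$@\"" >> "$GITTMP"
chmod +x "$GITTMP"
export GIT_SSH="$GITTMP"

# pull new changes
git pull

# remove the temporary wrapper script
rm -f "$GITTMP"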

This created a bash script that, when invoked, “injected” -i $CLONE_DIR/...path_to_key into the arguments to SSH. Git runs the program named in GIT_SSH whenever it wants to use SSH, so together these give one way to get Git to use a specific SSH key.
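The same wrapper technique as a reusable function, as an added example that is not part of the original post. It also restricts ssh to the one deploy key and removes the wrapper afterwards. The function names make_git_ssh_wrapper and git_with_deploy_key are hypothetical, and the use of IdentitiesOnly and the key permission fix are assumptions about what a deploy host needs.

```shell
#!/bin/sh
# Added example (not the post's own code): GIT_SSH wrapper pinned to one key.
# Usage: git_with_deploy_key deploy_keys/water pull

# make_git_ssh_wrapper KEYFILE -> prints the path of the generated wrapper
make_git_ssh_wrapper() {
    mw_key=$1
    [ -f "$mw_key" ] || { echo "no such key: $mw_key" >&2; return 1; }
    # ssh ignores private keys that group/others can read
    chmod 600 "$mw_key" || return 1
    # absolute path: git may start ssh from a different working directory
    mw_abs=$(cd "$(dirname "$mw_key")" && pwd)/$(basename "$mw_key")
    # escape single quotes so the path can sit inside '...' in the wrapper
    mw_quoted=$(printf '%s' "$mw_abs" | sed "s/'/'\\\\''/g")
    mw_wrapper=$(mktemp) || return 1
    {
        printf '%s\n' '#!/bin/sh'
        # IdentitiesOnly=yes: offer only this key, not agent or default keys
        printf "exec ssh -i '%s' -o IdentitiesOnly=yes \"\$@\"\n" "$mw_quoted"
    } > "$mw_wrapper"
    chmod 700 "$mw_wrapper"
    printf '%s\n' "$mw_wrapper"
}

# git_with_deploy_key KEYFILE GIT-ARGS... -> runs git with the wrapper active
git_with_deploy_key() {
    gw_key=$1
    shift
    GIT_SSH=$(make_git_ssh_wrapper "$gw_key") || return 1
    export GIT_SSH
    # GIT_SSH_COMMAND takes precedence over GIT_SSH, so make sure it is unset
    unset GIT_SSH_COMMAND
    gw_status=0
    git "$@" || gw_status=$?
    # the wrapper is only needed for this one git invocation
    rm -f "$GIT_SSH"
    unset GIT_SSH
    return "$gw_status"
}
```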

This work by Fredrik Wendt is licensed under CC by-sa.