Create A GitHub Deploy Key
Deployment keys are a great way of giving restricted access to a single project. This is useful for me to allow my deployment servers the ability to retrieve the codebase, or for my CI/CD pipeline to retrieve the code and then deploy it.
First, run the following command to create an SSH key-pair.
Be sure to enter a name/path you remember it by, and it's best to use a passphrase (this will be supported by tools like Jenkins).
- Then go to the settings of your GitHub repository
- CLick on Deploy keys
- Click Add deploy key
- Give a name to remember the key by so you know what to revoke later if you ever need to.
- Copy the contents of the
.pubfile of the keypair you generated earlier into the field labelled Key.
- If you want this key to be able to be used for making changes to the repository, check the checkbox beside Allow write access. However, in this case I am doing this for a Jenkins pipeline, so I deliberately leave this unchecked.
- Then just click the Add key button to add the key.
You will be prompted to confirm your identity by entering your password, or using your FIDO key.
Finally, you will see your newly created key in the deployment keys section of your project's settings.
That's it! You now have an SSH keypair that can be used just for deploying that single GitHub repository.
First published: 28th June 2021