What is the recommended way to authenticate with Github when fetching gruntwork modules such as: ssh://git@github.com/gruntwork-io/module-ecs.git
from CircleCI?
From the terraform doco it looks like I need to set GIT_SSH_COMMAND
or hardcode the username and password in the connection string.
infrastructure-modules-acme
isn’t using the latter so I guess that’s not recommended.
Is there any documentation on doing the former (such as adding an SSH key to CircleCI and then setting GIT_SSH_COMMAND
to something like: ssh -i ${HOME}/.ssh/id_rsa -F /dev/null
?
or is there some terragrunt magic to help here, e.g. I found a reference to:
ssh -T -oStrictHostKeyChecking=no git@github.com || true
in the infrastructure-modules-acme
but including this on CI does not seem to help.
Background:
I’ve forked sample-app-frontend-acme
, infrastructure-live-acme
and infrastructure-modules-acme
, but I’d like to pull the actual gruntwork terraform modules from, well, gruntwork. On CircleCI, I’m using a machine user
with a Github PAT to fetch my forked repos.