设置 Gitlab CI 以允许克隆其他私有存储库

像 GoLang 这样的一些项目可能需要在构建期间克隆其他依赖的 GitLab 存储库。要使此工作正常，你可以向相关存储库添加部署密钥，并将私钥（无密码）放入源存储库。

在构建期间依赖于其他存储库的 Git 存储库中创建并签入 SSH 密钥：

ssh-keygen -t rsa -b 4096 -C "My CI Deploykey"

# In the following promt name the key "deploykey" and leave the passphrase empty
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa): deploykey
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in deploykey.
Your public key has been saved in deploykey.pub.

# check-in both files

使用 deploykey.pub 在依赖存储库中配置 deploykey。你可以在 GitLab 项目设置中找到 Deploykey 页面。

现在将以下内容添加到 .gitlab-ci.yml 中

before_script:
  # Git and SSH setup to clone private repos
  # Needs the deploykey file to be installed in all dependent repositories
  - git config --global url."git@gitlab.com:".insteadOf "https://gitlab.com/"
  # Add gitlab to known_hosts
  - mkdir -p ~/.ssh && chmod 700 ~/.ssh
  - ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts
  # Start the ssh agent and add the deploykey
  - chmod 400 deploykey
  - eval $(ssh-agent -s)
  - ssh-add deploykey

现在，在你的构建中任何对 git clone 的调用都应该有效。即使它是通过其他工具，如 go get，govendor sync，或任何你正在使用的工具。