Skip to main content

Connecting to Private Repository via SSH

Using Direct SSH Key

If you use a private repository using an SSH Key, you need to have an SSH key pair ready and enter your private key to Appcircle so Appcircle can access your repository.

caution

For the SSH key field in the repository connection, the private key is required. The public key is entered/stored in the Git provider while the private key is entered in Appcircle.

caution

If you are using Azure Devops Server as a git provider, its version must be 2022 or later.

Azure Devops Server 2020 and older versions are not supported due to reduced security.

To generate a new key pair, you can run the following command:

ssh-keygen -t rsa -b 4096 -P '' -f ./appcircle-ssh -m PEM
caution

SSH keys generated should not contain a password. If ssh-keygen prompts you for a password, simply press Enter to skip the password prompt. Verify that your appcircle-ssh file was created without the header Proc-Type: 4, ENCRYPTED.

Two files will be created as appcircle-ssh.pub (Public key) and appcircle-ssh (Private key)

You can then run the cat ./appcircle-ssh command and enter its output to Appcircle and run the cat ./appcircle-ssh.pub command and enter its output to the SSH keys section of the Git provider.

Select **Connect via SSH **through the connection selection

Screenshot

Then, enter your relevant information to connect to the private repository:

Screenshot

After the connection is successful, you can view your newly created profile and start building!

info

To enable triggered auto builds with webhooks for SSH repository connections, please refer to the following guide: Build Manually or Automatically with Webhooks and Triggers

caution

Connection Notice

If your SSH server runs on a different port, you should add the port number to your connection string.

ssh://git@mydomain.com:port/path/to/repo.git

For Appcircle to connect to the self hosted repositories, your connection must be reachable over the internet.

Is your self-hosted GitLab instance under an enterprise firewall? Learn which IP addresses and ports Appcircle uses to function under the whitelist documentation:

File Icon

Accessing Repositories in Internal Networks (Firewalls)

How to connect to AWS CodeCommit repositories through SSH?

AWS CodeCommit requires the creation of a dedicated user for repository connections through SSH (i.e. the root user cannot be used for this purpose).

  • First, create a user in AWS IAM and assign the following permissions to the user:
Screenshot
  • Go to IAM -> Users -> User -> Security credentials and select "Upload SSH key".
  • Take a note of the SSH key ID generated by AWS as follows:
Screenshot
  • Once you login with the newly generated user and copy the repository URL in SSH format, you will receive URL as follows: ssh://git-codecommit.us-east-2.amazonaws.com/v1/repos/MyDemoRepo
  • For the SSH connection to be initialized, you need to add the public key to your URL to have it in the following format, which then can be entered in Appcircle to be used in SSH connections.ssh://Your-SSH-Key-ID@git-codecommit.us-east-2.amazonaws.com/v1/repos/MyDemoRepo

FAQ

Issues in connecting to the repositories with SSH

For the SSH connections, a key pair in PEM format is required. The public key is entered/stored in the Git provider while the private key is entered in Appcircle.

Please refer to this guide for the commands to generate a compatible key pair for SSH connections.

Using multiple SSH keys is not recommended. Instead, you should create a single SSH key that has access to all the private modules.

If you want to use multiple SSH keys, you need to complete the below steps:

  • Add your SSH key(s) as environment variable group as a file.
  • Select that environment group on your config screen
  • Use the below custom script to add that key.
  • Each key name should be unique. Appcircle's Activate SSH component uses appcircle_ssh as a key name.
set -e

if [ -z "$MY_OTHER_SSH_KEY" ]
then
echo "MY_OTHER_SSH_KEY is not provided. Skipping step."
exit 0
fi
echo "Create a file to save the RSA SSH private key"
mkdir -p ~/.ssh
echo "$AC_REPOSITORY_SSH_KEY" >> ~/.ssh/appcircle_new_ssh
chmod 600 ~/.ssh/appcircle_new_ssh

echo "Starting a new ssh-agent"
eval $(ssh-agent)

echo "Add the SSH private key to the ssh-agent"
ssh-add ~/.ssh/appcircle_new_ssh
echo "Exporting SSH_AUTH_SOCK=$SSH_AUTH_SOCK"
echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK" >> $AC_ENV_FILE_PATH

Accessing internal/on-premise repositories

The only available option for connecting to the internal/on-premise repositories is to use SSH and whitelist Appcircle resources if the repositories are not accessible from the public internet.

Please refer to this guide for connecting to the repositories in internal networks.

How to connect to AWS CodeCommit repositories through SSH?

AWS CodeCommit requires the creation of a dedicated user for repository connections through SSH (i.e. the root user cannot be used for this purpose).

Please refer to this guide for creating a user for SSH connections.

  • First, create a user in AWS IAM and assign the following permissions to the user:
Screenshot
  • Go to IAM -> Users -> User -> Security credentials and select "Upload SSH key".
  • Take a note of the SSH key ID generated by AWS as follows:
Screenshot
  • Once you login with the newly generated user and copy the repository URL in SSH format, you will receive URL as follows: ssh://git-codecommit.us-east-2.amazonaws.com/v1/repos/MyDemoRepo
  • For the SSH connection to be initialized, you need to add the public key to your URL to have it in the following format, which then can be entered in Appcircle to be used in SSH connections.ssh://Your-SSH-Key-ID@git-codecommit.us-east-2.amazonaws.com/v1/repos/MyDemoRepo

Need help?

Get help from Appcircle's support team, or see how others are using Appcircle by joining our Slack Channel.

Preview of Slack