Git clone from private github repository with Github Actions token

Question

I need to do some directory grooming before my app is ready to be tested or deployed. I would like to utilize a Makefile target which calls a shell script in the repo to make this CI/CD-agnostic. One can call this target with make prepare_directory

The CI platform I am using is Github Actions. Here are the relevant parts of the workflow which is being run on new Pull Requests:

name: PR Tests
env:
  GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
jobs:
  test:
    name: Test
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
        with:
          fetch-depth: 1
      - name: Prep directoy
        run: make prepare_directory

Here is the relevant part of the Makefile (which works exactly as expected locally):

...
prepare_directory:
    ./scripts/prepare_directory.sh

clean:
    @rm -Rf ./$(BUILDPREFIX)

.PHONY: all clean docker lint prep_avro $(dockerbuilds)

Here is the relevant part of the ./scripts/prepare-directory.sh script:

#!/bin/bash -e
# ...
# clone repo using https and GITHUB_TOKEN
git clone https://[email protected]:USERNAME/REPO.git

When I try to clone using that URL, from the shell script, the script fails (along with the Github workflow pipeline) with the following error: fatal: unable to access 'https://github.com:USERNAME/REPO.git/': URL using bad/illegal format or missing URL

Does anybody know what I'm doing wrong?

Answer 1

You can add this action after your checkout step and GitHub can access your private repo dependancy.

Note:- Make sure to add a server's private key as a secret, public key to GitHub SSH keys and Please replace your private repo URL from https+auth_token to SSH. ssh://[email protected]/your_group/your_project.git

Below is the example

      - uses: webfactory/[email protected]
        with:
          ssh-private-key: ${{ secrets.SSH_KEY }}

SSH_KEY is the private key secret which you created.