ROS Resources: Documentation | Support | Discussion Forum | Service Status | Q&A answers.ros.org

Private GitHub Repositories

I am extremely confused. I have been trying to set up a private build farm for a private repository, and I am having a lot of difficulties.

Initially I thought I could simply create a new user, “jenkins” in GitHub, provide whatever SSH keys I needed to GitHub, and all would be well. But that’s not true. There are dockerized steps that prevent this sort of mechanism from working. How do I get the “generate_release_script.py” to generate a script that can properly pull code from my private GitHub repo?

Also, to this point I have been leaving my rosdistro repository fully public, but that’s not ideal, and would like to make that private as well. How do I do that without having to fully self-host all the repositories myself?

All I really want to do is build debian packages for my ROS packages. When I attempted to use the bloom debian generator I noticed that it did not handle dependencies, and so I found myself manually building each debian in order.

Is there a simpler way to do all of this? I have even considered writing a program that automatically orders the debian creation order and calling bloom repeatedly until all debian packages are generated.

Thanks for the help.

Also, to this point I have been leaving my rosdistro repository fully public, but that’s not ideal, and would like to make that private as well. How do I do that without having to fully self-host all the repositories myself?

You can maintain a secret Github gist to achieve the same effect. Direct URLs to the secret gists will let you access the rosdistro file(s) while still keeping them private.

What prevents an outsider using that direct URL to get at my private repositories?

Also, how does that work exactly? Does the GitHub gist then point to my private repository?

Do you have an example of how this is done?

This sort of question is best asked on ROS Answers if you’d like to move the question there I’d be happy to provide additional context.

To the best of my knowledge it hasn’t been tested recently but you can use the git_ssh_credential_id field to set a Jenkins credential which can be used for cloning remote repositories. I don’t recall everywhere this credential is used and you may need to set the same field in the individual release or source build files so that the individual repositories are also cloned with it.

1 Like

Posted here: https://answers.ros.org/question/386054/ros-buildfarm-with-private-github-repositories/

I’m not super clear on how the git_ssh_credential_id works. Does that get passed in to the docker container that ultimately pulls and builds the code? How does that work?

1 Like