Skip to content

ycore/privatize

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
.gitignore
.gitignore
 
 
PACKAGE.md
PACKAGE.md
 
 
README.md
README.md
 
 
index.mjs
index.mjs
 
 
package.json
package.json
 
 

Repository files navigation

privatize

privatize facilitates the installation of private packages from private repositories like GitHub using SSH keys. This package reads package details from privatize.json and sets up the environment for installation. It is very useful when deploying private packages to build environments like cloudflare, where the SSH details can be stored as an environment variable available at build time. It also works quite well when developing within virtual machine environments like docker.

Table of Contents

Installation

Run the following command in your terminal:

npm install https://github.com/ycore/privatize

Usage

To use privatize, make sure you have a privatize.json file located in the root of your application directory. This file should contain the private repository packages to install. Here’s an example of how to structure the file:

{
  "packages": [
    "https://github.com/user/package-1",
    "https://github.com/user/package-2",
    "https://github.com/user/package-3"
  ]
}

Preparing keys

ssh-keygen -t ed25519 -C "user@example.com" # your github user access e-mail adress
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_ed25519

Paste the public key information to the repository profile. In Github, go to Profile - Settings - SSH & GPG keys to add a new ssh key.

cat ~/.ssh/id_ed25519.pub

Copy the base64-encoded private key to store in the DEPLOYMENT_KEY environment variable on the docker virtual development machine or cloudflare dashboard.

cat ~/.ssh/id_ed25519 | base64

Running privatize

After setting up privatize.json, you can include privatize as a preinstall script in the scripts section pf package.json.

  "scripts": {
    "preinstall": "privatize",
  }

Make sure you have your SSH private key set in the DEPLOYMENT_KEY environment variable.

Configuration

Environment Variables

  • DEPLOYMENT_KEY: This environment variable should contain the base64-encoded private SSH key used for authentication with the private repositories like GitHub. You can set it in your terminal like this:
cat ~/.ssh/id_ed25519 | base64
export DEPLOYMENT_KEY="base64_encoded_private_key"

Cloudflare dashboard

  • DEPLOYMENT_KEY: Setup the environment variable in the cloudflare dashboard. It should contain the base64-encoded private SSH key used for authentication with the private repository.

How it works

privatize writes the base64-decoded private key to ~/.ssh/id_ed25519 and the runs a npm install --no-scripts --save-optional command for all nominated packages.

The install is then validated against the public key on the private repository profile. This allows you to install packages from private repositories, while storing private key information secure in secret environment variables. Since the package is installed as an optional package, it will not stop the installation on the first pass of subsequent npm installs, running again once the preinstall is executed.

License

This project is licensed under the MIT License. See the LICENSE file for details.

Contributing

If you would like to contribute to this project, please fork the repository and submit a pull request. We welcome contributions and suggestions!

Support

For any issues or questions, please open an issue in the GitHub repository.

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages