Sort of follow-up to #2018, but I came across the webfactory/ssh-agent action. It should be possible to suggest that people add this to their docs workflows
- uses: webfactory/ssh-agent@v0.7.0
with:
ssh-private-key: ${{ secrets.DOCUMENTER_KEY }} # can't be base64 encoded though I assume
And then in deploydocs we could then just authenticate with the agent. This way we could avoid materializing DOCUMENTER_KEY on disk, and could actually avoid exposing the secret to Documenter altogether.
Would need some work to make work, and I think we'd also have to indicate to deploydocs that it should try the agent (something like deploydocs(auth=:sshagent))?
odow
commented
11 months ago
Sort of follow-up to #2018, but I came across the webfactory/ssh-agent action. It should be possible to suggest that people add this to their docs workflows
And then in
deploydocswe could then just authenticate with the agent. This way we could avoid materializingDOCUMENTER_KEYon disk, and could actually avoid exposing the secret to Documenter altogether.Would need some work to make work, and I think we'd also have to indicate to
deploydocsthat it should try the agent (something likedeploydocs(auth=:sshagent))?