Hi,
I’m trying to add a new project to our Unity Cloud Build, but I get stuck in “Grant us access to your source control” step.
Cloud Build keep asking me to grant access, giving me SSH Key, which I try to put in the “deploy key” section of my new project on github. GitHub answers that “key is already use”.
I’ve checked, and it is the same SSH Key that Cloud Build use for my previous project.
What I’m missing here ? Should I use another settings in GitHub ?
All help appreciated !
Thanks in advance,
Olivier K.
I’ve just ran into the same problem. Github does not allow the same SSH key to used as a deploy key for multiple repositories, and Cloud build uses the same SSH key for all projects in an organisation.
I don’t like to give my build server write access to my repositories, but there aren’t many alternatives, especially for individual developers with private repos.
If you use a personal github account, you can’t have read-only collaborators, so creating a free user and granting it read only access to all your repositories is not an option.
If you only have public repositories, you can create an organisation for free, and have two users to have access to your repositories. One of them can have only read access, and you need to add the SSH key you get from unity to that users account, not as a deploy key.
You can do the same with private repos, except then it will cost you 2*$25 = $50 + whatever git-lfs storage and bandwidth you use, which got a bit much for me. So I’ve reluctantly given cloud build read/write access to my repositories instead (just added the unity provided public key to my own account)
Github has clearly stated that they won’t entertain allowing having the same deploy key reused on multiple repositories on religious grounds, so the only option is Cloud Build generating a key per project instead of a key per organisation.
I had a quick look on https://feedback.unity3d.com and that doesn’t seem to be a suggested feature yet. I’ll probably add it when I have a minute.
-Willem
1 Like
I can understand github’s policy of one git repo per ssh key as this is a good security pattern. It’s sad Unity does not allow generating on multiple keys for an organization.