Using SSH Keys

Add to known hosts pipeline step

Depending on the container you are using, you may want to use this step to prevent builds/deploys from halting when you setup a connection with them:

The authenticity of host 'some-server.wercker.com (1.2.3.4)' can't be established.
RSA key fingerprint is ff:ee:dd:cc:bb:aa:99:88:77:66:55:44:33:22:11:00.
Are you sure you want to continue connecting (yes/no)?
deploy:
  steps:
    - add-to-known_hosts:
        hostname: ssh.example.com
        fingerprint: ce:83:e9:7d:02:a4:e3:63:3f:8a:07:cc:d5:d9:bb:cd

Add ssh key pipeline step

Using this step in combination with an SSH key allows you to use that key for SSH operations, such as cloning a private repository:

build:
    steps:
        - add-ssh-key:
            keyname: MYPACKAGE_KEY

Keep in mind that if your environment variables are MYPACKAGE_KEY_PUBLIC and MYPACKAGE_KEY_PRIVATE the keyname should only be MYPACKAGE_KEY.

As with environment variables if the same ssh key has been specified on an organization or application the lower level will override the higher level one (organization - application - pipeline).

Now your SSH key can be used to clone private repositories during a pipeline run. This solution works as long as we clone via SSH (i.e. not using https).