From 9e3a902aeeeaa39299c1180804a21c2027aae08b Mon Sep 17 00:00:00 2001
From: Julian Rother <julian@cccv.de>
Date: Wed, 17 Jul 2024 23:28:46 +0200
Subject: [PATCH] Switch from deploy tokens to deploy keys due to expiry issues
 with tokens

---
 .gitlab-ci.yml | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 46e374d..cbdb79d 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -13,7 +13,9 @@ autoupdate:
   rules:
   - if: '$RUN_AUTOUPDATE == "1"'
   script:
-  - git clone "https://${GITLAB_ACCESS_USER}:${GITLAB_ACCESS_TOKEN}@${CI_SERVER_HOST}/${CI_PROJECT_PATH}.git" autoupdate-checkout
+  - mkdir -p ~/.ssh && chmod 0700 ~/.ssh && echo "$SSH_DEPLOY_KEY" > ~/.ssh/id_ed25519 && chmod 0600 ~/.ssh/id_ed25519
+  - echo "$SSH_HOST_KEY" > ~/.ssh/known_hosts
+  - git clone "git@${CI_SERVER_SHELL_SSH_HOST}:${CI_PROJECT_PATH}.git" autoupdate-checkout
   - |
     set -e
     cd autoupdate-checkout
@@ -29,7 +31,9 @@ update_release_tags:
   rules:
   - if: '$RUN_AUTOUPDATE != "1" && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_COMMIT_TAG == null'
   script:
-  - git clone "https://${GITLAB_ACCESS_USER}:${GITLAB_ACCESS_TOKEN}@${CI_SERVER_HOST}/${CI_PROJECT_PATH}.git" autoupdate-checkout
+  - mkdir -p ~/.ssh && chmod 0700 ~/.ssh && echo "$SSH_DEPLOY_KEY" > ~/.ssh/id_ed25519 && chmod 0600 ~/.ssh/id_ed25519
+  - echo "$SSH_HOST_KEY" > ~/.ssh/known_hosts
+  - git clone "git@${CI_SERVER_SHELL_SSH_HOST}:${CI_PROJECT_PATH}.git" autoupdate-checkout
   - |
     set -e
     cd autoupdate-checkout
-- 
GitLab