GitHub
Connect a private GitHub repository to Valohai using SSH deploy keys
Connect your private GitHub repository to Valohai using SSH authentication. GitHub deploy keys provide secure, read-only access without exposing your account credentials.
Requirements
A private GitHub repository
A Valohai project
Admin access to the repository (to add deploy keys)
Overview
You'll complete three steps:
Generate an SSH key pair (in Valohai or on your local machine)
Add the public key to GitHub as a deploy key
Add the private key to Valohai
Step 1: Generate SSH Key Pair
The easiest way is to generate the key pair directly in Valohai.
In Valohai:
Open your project
Go to Settings → Repository
Click Generate SSH Key
Download or copy both keys:
valohai-public_xxx.pub(public key)valohai-private_xxx.pem(private key)
Keep these files handy—you'll need them in the next steps.
Alternative: Generate Locally
If you prefer, generate keys on your local machine:
ssh-keygen -t rsa -b 4096 -f valohai-deploy-keyThis creates:
valohai-deploy-key.pub– Public key for GitHubvalohai-deploy-key– Private key for Valohai
💡 Don't commit these keys to Git. Anyone with the private key can access your repository.
Step 2: Add Public Key to GitHub
Navigate to your repository's deploy keys settings:
Go to your GitHub repository
Click Settings → Deploy keys → Add deploy key
Configure the deploy key:
Title:
Valohai(or any descriptive name)Key: Paste the entire contents of the
.pubfileShould start with
ssh-rsa AAAA...
Allow write access: Leave unchecked (Valohai only needs read access)
Click Add key to save.
Step 3: Add Private Key to Valohai
Now connect the repository in Valohai.
Get your SSH repository URL from GitHub:
Go to your repository on GitHub
Click Code → Clone → SSH
Copy the URL (format:
[email protected]:username/repository.git)
In Valohai:
Go to Settings → Repository
Paste the SSH URL into the URL field:
[email protected]:username/repository.gitPaste the entire contents of the private key file into SSH private key:
Should start with
-----BEGIN RSA PRIVATE KEY-----Include all lines, including the header and footer
Click Save
Valohai will immediately attempt to fetch your repository. If successful, you'll see your commits in the execution dialog.
Verify Connection
Test that everything works:
Go to Executions → Create Execution
The Commit dropdown should show your commits
If not, click Fetch Repository in settings
Keep Code Updated
After pushing new commits to GitHub, update Valohai:
Go to Settings → Repository
Click Fetch Repository
Automate with webhooks: Set up automatic fetching when you push to GitHub:
Troubleshooting
"Permission denied (publickey)"
The public key wasn't added correctly to GitHub
Make sure you copied the entire
.pubfile contentsVerify the deploy key shows in GitHub's settings
"Repository not found"
Check the repository URL format (should be
[email protected]:...)Don't use HTTPS format for private repos
Ensure the deploy key is added to the correct repository
"Invalid private key format"
Make sure you pasted the private key, not the public key
Include the header (
-----BEGIN RSA PRIVATE KEY-----) and footerDon't add extra spaces or line breaks
"My commits don't appear"
Click Fetch Repository after pushing new commits
Check if you're on the correct branch
Use Manage Commits to unhide old commits
Security Best Practices
Use deploy keys, not personal access tokens
Deploy keys are repository-specific
They provide read-only access
They don't expose your entire account
Rotate keys periodically
Generate new keys every 6-12 months
Delete old deploy keys from GitHub
Don't share private keys
Each environment should have its own key pair
Never commit keys to your repository
Store keys securely (password manager, secrets vault)
Next Steps
Use .vhignore to exclude large files
Manage Commits to organize visible commits
Last updated
Was this helpful?