The start of the new year brings some exciting new developments to Swift@IBM, including the new ability of the IBM Cloud Runtime for Swift to pull in package dependencies from private Git repositories and other Git hosting offerings that use SSH key authentication, such as GitLab and GitHub Enterprise.
Those working with closed source repositories need to be able to keep their source code protected, but also access these libraries when declared as dependencies in the
Package.swift file of their applications. Whether stored in private Git repositories or in any Git repository requiring SSH Keys to authenticate, keeping these dependencies proprietary and secure is fundamental.
The IBM Cloud Runtime for Swift addresses this issue by allowing developers to provide SSH keys to authenticate with these repositories and securely build the packages before staging the application on IBM Cloud. This will work with both account SSH keys as well as deployment SSH keys, which are tied to individual repositories. Be sure to follow the SSH key guidelines for your organization and standard best practices when working with repository access control.
To use this feature, simply add a
.ssh folder in the root of the application. This directory should contain the SSH keys needed to access the dependencies, as well as a config file which references them. Then add the closed source repositories with the proper hosts in the
Package.swift file. Check out the
README file of the Swift buildpack repository on GitHub for examples.
For more information on server-side Swift, visit the Swift@IBM Developer Center.