Those working with closed source repositories need to be able to keep their source code protected, but also access these libraries when declared as dependencies in the
Package.swiftfile of their applications. Whether stored in private Git repositories or in any Git repository requiring SSH Keys to authenticate, keeping these dependencies proprietary and secure is fundamental.
The IBM Bluemix Runtime for Swift addresses this issue by allowing developers to provide SSH keys to authenticate with these repositories and securely build the packages before staging the application in Bluemix. This will work with both account SSH keys as well as deployment SSH keys, which are tied to individual repositories. Be sure to follow the SSH key guidelines for your organization and standard best practices when working with repository access control.
To use this feature, simply add a
.sshfolder in the root of the application. This directory should contain the SSH keys needed to access the dependencies, as well as a config file which references them. Then add the closed source repositories with the proper hosts in the
Package.swiftfile. Check out the
READMEfile of the Swift buildpack repository on GitHub for examples.
For more information on server-side Swift, visit the Swift@IBM Developer Center.