Sometimes you want to use a gem on Heroku that is in a private repository on GitHub.
Using git over http you can authenticate to GitHub using basic authentication. However, we don't want to embed usernames and passwords in Gemfiles. Instead, we can use authentication tokens.
This method does not add your OAuth token to Gemfile.lock. It uses bundle config to store your credentials, and allows you to configure Heroku to use environment variables when deploying.
- You only need to check the repo scope when configuring the token permissions
- Update Gemfile to use your private repository
gem 'my_private_repo', git: 'https://github.com/username/my_private_repo.git'- Configure bundler with your OAuth token
bundle config github.com <your_github_oauth_token>Now bundle and if everything works locally you are ready to deploy to Heroku!
- Finally add BUNDLE_GITHUB__COM to your Heroku environment
$ heroku config:add BUNDLE_GITHUB__COM=<your_github_oauth_token>You now have a private gem installed on Heroku!
bundle config has another option to work against your local git repository without updating your Gemfile
The catch is that you need to specify the git branch when configuring the gem
gem 'my_private_repo', git: 'https://github.com/username/my_private_repo.git', branch: 'master'Then run bundle config local.ecto </path/to/your/local/repo>
More information here - see the section "Local git repositories" at the end
I created a buildpack to solve this problem using a custom ssh key stored as an environment variable: https://github.com/simon0191/custom-ssh-key-buildpack
Feedback is welcome :)