Last Updated: June 18, 2017
· petrbela

Deploying private submodules on heroku

If you use private git submodules in your github project, you'll have a problem deploying it to heroku (or anywhere else). Since private git repos are not accessible without authentication, you'll need to add that to the repo URL.
Suppose your .gitmodules has a dependency to myModule (and your github username is me):
[submodule "myModule"] path = lib/myModule url = https://github.com/me/myModule.git
One way to add authentication is to add your github username/password to the URL: https://username:password@github.com/me/myModule.git.

However, having your password in a plain-text file isn't the best way to hide it from others. With github you can easily create an oauth token to use instead, as documented here.

Just run:
curl -XPOST https://api.github.com/authorizations -u me -d '{"scopes":["repo"]}'

Then provide your github password and you'll receive a token that you can use to access any of your private repositories.

Now just change the url in .gitmodules to https://<received-oauth-token>:x-oauth-basic@github.com/me/myModule.git (the x-oauth-basic password is optional; you can skip it altogether).

Say Thanks

4 Responses
Add your response


I had to use:

url = https://<token>:x-oauth-basic@github.com/user/repo.git
over 1 year ago ·

Hm, I'm wondering how x-basic-auth got there. It's x-oauth-basic of course. Thanks for the correction!

over 1 year ago ·

I had to use an additional parameter on calling authorizations method:

curl -XPOST https://api.github.com/authorizations -u me -d '{"scopes":["repo"], "note": "MyDescription"}

Hope it helps!

over 1 year ago ·

I don't what is the difference between storing your password or x-oauth-basic in repository.

6 months ago ·