How to use private Git submodules

Warning

This guide is for About Read the Docs for Business.

If you are using private Git repositories and they also contain private Git submodules, you need to follow a few special steps.

Read the Docs uses SSH keys (with read only permissions) in order to clone private repositories. A SSH key is automatically generated and added to your main repository, but not to your submodules. In order to give Read the Docs access to clone your submodules you’ll need to add the public SSH key to each repository of your submodules.

Note

• You can manage which submodules Read the Docs should clone using a configuration file. See submodules.

• Make sure you are using SSH URLs for your submodules (git@github.com:readthedocs/readthedocs.org.git for example) in your .gitmodules file, not http URLs.

GitHub

Since GitHub doesn’t allow you to reuse a deploy key across different repositories, you’ll need to use machine users to give read access to several repositories using only one SSH key.

1. Remove the SSH deploy key that was added to the main repository on GitHub

   1. Go to your project on GitHub

   2. Click on Settings

   3. Click on Deploy Keys

   4. Delete the key added by Read the Docs Commercial (readthedocs.com)

2. Create a GitHub user and give it read only permissions to all the necessary repositories. You can do this by adding the account as:

   • A collaborator

   • An outside collaborator

   • A team in an organization

3. Attach the public SSH key from your project on Read the Docs to the GitHub user you just created

   1. Go to the user’s settings

   2. Click on SSH and GPG keys

   3. Click on New SSH key

   4. Put a descriptive title and paste the public SSH key from your Read the Docs project

   5. Click on Add SSH key

Azure DevOps

Azure DevOps does not have per-repository SSH keys, but keys can be added to a user instead. As long as this user has access to your main repository and all its submodules, Read the Docs can clone all the repositories with the same key.

See also

Allow access to your Azure DevOps repository with an SSH key.

Others

GitLab and Bitbucket allow you to reuse the same SSH key across different repositories. Since Read the Docs already added the public SSH key on your main repository, you only need to add it to each submodule repository.

See also

How to import private repositories