Plone Ansible and private git source packages

When working with the Plone ansible_playbook how do you use private sources for plone_sources?

Normally I add source packages to my ansible playbook by using the plone_sources option. This works fine if all my sources are in publicly available repositories.
The problem is that I have source code in a private repository.

I'm thinking that I may need a script that "injects" a private key before running the buildout.

This is how I do it:

I would credit the original author, but I can't remember who I got it from. Was it @tkimnguyen?

I don't think it was me :slight_smile: Probably @smcmahon, who has been the Ansible playbook guy!

Thanks Fulvio. I found another way also, thanks to one of the devs at the office. We basically created an "API" user that is allowed to pull but not push the repo and then we added their username and password separated by ':'.
It worked!

But I like your solution better!

plone_sources:
    - "mycustom.site = git https://[username]:[passwordhere]@gitlab.com/alteroo-mycustom/mycustom.site"

A combination of this and Fulvio's mechanism is just what I do. I set up a pull-only user with the ssh public key of the plone_buildout user.