Hi @fool
So far I just followed the steps in [Support Guide] How do I access private repositories in the build environment?, so created a deploy key in netlify, and pasted that into the github settings.
I was hoping that alone would mean that the keys weren’t cleared after the initial clone.
With your instructions it sounds like we should make the private key available in the environment and the configure it with git. This exposes the private key to deploys running from forks which isn’t ideal, although if it only has read only access maybe it’s ok. I will give this a go.
Would it not be possible for you to fetch the tags at the same time you fetch the commit before you drop the permissions? I think changing your command to
git fetch -f -u ---prune-tags --tag remote ref
would do it. Or if you can’t do this for performance reasons I think it would be better if you didn’t fetch any of the tags, because right now it’s inconsistent based on when someone does a deploy after clearing the cache.
Thanks