In general you have a couple of options to securely connect to a private repository:
- Only allow SSH login on the repository server; SSH keys are fully supported on bitrise.io
- Restrict by IP: configure your server to only allow connections from certain IP addresses. We don’t recommend this solution, as even if you restrict the IP range to bitrise.io build machine IPs, that means that anyone who runs builds on bitrise.io will be allowed to communicate with your servers. Additionally, we only have fix IPs for our Mac build machines, the Linux stacks are hosted on Google Compute Engine and we use emphemeral IPs there, so the range is GCE’s ephemeral IP range.
- Use a VPN: VPNs are in general a good solution to connect to private networks, although in most cases limiting logins on the servers to SSH keys is an easier solution. You can find a guide here: http://devcenter.bitrise.io/tutorials/vpn-configuration/
If anyone have any other idea / solution, please share it with us, we’d be happy to provide the required features / changes, or to highlight the option here!