The problem We have multiple client NDAs. The client usually gives us access to their AWS account and let's us create web servers to host their apps. We use Capistrano to deploy the web app to their machine. The deploy user on the server needs access to our bitbucket account for that client's repo. I don't want create a key on bitbucket account and put the private key on the client's server because they would have access to all of our client's repos on bitbucket. So I'm trying to figure out a way to create the deploy user's public key on the server and then copy it over to the repo's deploy key list using bitbuckets api.
I wish there was a way I could execute code out side of the manifest to create a key pair and then copy the private key to the deploy user and copy the public key over to bitbucket.
Any good suggestions for this?