feat: private repo support for ecr push

.github/workflows/ecr-build-and-push.yml

@@ -13,13 +13,27 @@ on:
         description: 'Environment to deploy to'
         required: true
         type: string  
+      requires-private-deps:
+        description: 'Requires private dependencies to be fetched, sets up ssh-agent'
+        required: false
+        default: false
+        type: boolean
     secrets: 
       aws-ecr-repository:
         description: 'ECR repository to push to'
         required: true
       aws-ecr-deployer-role-arn:
         description: 'Role ARN to assume for ECR'
         required: true
+      SSH_PRIVATE_KEY:
+        description: 'SSH private key for fetching private dependencies'
+        required: false
+      SSH_PRIVATE_KEY_2: 
+        description: 'SSH private key for fetching private dependencies'
+        required: false
+      SSH_PRIVATE_KEY_3:
+        description: 'SSH private key for fetching private dependencies'
+        required: false
 
 env:
   CARGO_TERM_COLOR: always
@@ -56,6 +70,14 @@ jobs:
       - name: Login to Amazon ECR
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@v2
+      - name: Setup ssh-agent
+        if: ${{ inputs.requires-private-deps == true }}
+        uses: webfactory/ssh-agent@v0.9.0
+        with:
+          ssh-private-key: |
+            ${{ secrets.SSH_PRIVATE_KEY }}            
+            ${{ secrets.SSH_PRIVATE_KEY_2 }}
+            ${{ secrets.SSH_PRIVATE_KEY_3 }}
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
       - name: Setup Docker Metadata
@@ -78,6 +100,9 @@ jobs:
           context: .
           cache-from: type=local,src=/tmp/.buildx-cache
           cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
+          ssh: default
+        env: 
+          CARGO_NET_GIT_FETCH_WITH_CLI: true
       - # Temp fix
         # https://github.com/docker/build-push-action/issues/252
         # https://github.com/moby/buildkit/issues/1896