Fetch and commit to a different repository from gitlab-ci script

I wish to push my build artifacts to a different repository.
I’m implementing this in a maven script using the wagen-git plugin.

I receit the following error:

[INFO] Executing: /bin/sh -c cd /tmp/wagon-git-025e786352a7acf9b85b74cd75daa44778698b74 && git init
[INFO] Working directory: /tmp/wagon-git-025e786352a7acf9b85b74cd75daa44778698b74
[INFO] [git] Initialized empty Git repository in /tmp/wagon-git-025e786352a7acf9b85b74cd75daa44778698b74/.git/
[DEBUG] RAN: git init / $? = 0
[INFO] Executing: /bin/sh -c cd /tmp/wagon-git-025e786352a7acf9b85b74cd75daa44778698b74 && git 
remote add origin git@gitlab.com:garanteasy/maven-repo.git
[INFO] Working directory: /tmp/wagon-git-025e786352a7acf9b85b74cd75daa44778698b74
[DEBUG] RAN: git remote add origin git@gitlab.com:garanteasy/maven-repo.git / $? = 0
[INFO] Executing: /bin/sh -c cd /tmp/wagon-git-025e786352a7acf9b85b74cd75daa44778698b74 && git 
fetch --progress
[INFO] Working directory: /tmp/wagon-git-025e786352a7acf9b85b74cd75daa44778698b74
Enter passphrase for key '/root/.ssh/id_rsa': 
[INFO] [git] Permission denied (publickey).
[INFO] [git] fatal: Could not read from remote repository.
[INFO] [git] 
[INFO] [git] Please make sure you have the correct access rights
[INFO] [git] and the repository exists.
[DEBUG] RAN: git fetch --progress / $? = 128
git:releases://git@gitlab.com:garanteasy/maven-repo.git - Session: Connection refused
[WARNING] Could not transfer metadata com.garanteasy:libraries:1.2-SNAPSHOT/maven-
metadata.xml from/to garanteasy-repo (git:releases://git@gitlab.com:garanteasy/maven-repo.git): Unable to pull git repository: git fetch failed

The .gitlab-ci.yml is:

image: maven:3-jdk-8

  MAVEN_OPTS: -Dmaven.repo.local=${CI_PROJECT_DIR}/.m2

    - .m2/repository

  - build
  - test
  - deploy

    - mvn package

    - mvn test

    - git config --global user.email "$GITLAB_USER_EMAIL"
    - git config --global user.name "$GITLAB_USER_NAME"
    - mvn deploy -Dwagon.git.safe.checkout=true -Dwagon.git.debug=true

  # cfr. https://docs.gitlab.com/ee/ci/ssh_keys/README.html
  # Install ssh-agent if not already installed, it is required by Docker.
  # (change apt-get to yum if you use a CentOS-based image)
  - 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
  # alpine - 'which ssh-agent || ( apk update && apk upgrade && apk add --no-cache bash git openssh)'

  # Run ssh-agent (inside the build environment)
  - eval $(ssh-agent -s)

  # Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
  # alpine - bash -c ssh-add <(echo "$SSH_PRIVATE_KEY")
  - ssh-add <(echo "$SSH_PRIVATE_KEY")

  # For Docker builds disable host key checking. Be aware that by adding that
  # you are suspectible to man-in-the-middle attacks.
  # WARNING: Use this only with the Docker executor, if you use it with shell
  # you will overwrite your user's SSH config.
  #- mkdir -p ~/.ssh
  - '[[ -f /.dockerenv ]] && mkdir -p ~/.ssh && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" >   ~/.ssh/config'
  # In order to properly check the server's host key, assuming you created the
  # SSH_SERVER_HOSTKEYS variable previously, uncomment the following two lines
  # instead.
  - '[[ ! -f /.dockerenv ]] && mkdir -p /root/.ssh && echo "$SSH_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa && chmod 700 /root/.ssh'
  - '[[ -f /.dockerenv ]] && mkdir -p /root/.ssh && echo "$SSH_SERVER_HOSTKEYS" > /root/.ssh/known_hosts'

Got the solution … easy and clean: simply use deploy keys.

  1. Create a private/public ssh key pair
  2. Add the public key to the maven-repo repository in Settings > Repository > Deploy Keys
  3. Configure the private key as a secret SSH_PRIVATE_KEY variable in the origin project