I was wondering if there is a way to add a Pagoda box public key as a deploy key at Github, for when you use private repositories (submodules). I know that it's possible to add Pagoda box as a collaborator, but that would mean giving full read/write access to the repository, while a deploy key would only let you pull, which is enough.
Adding the public key found on http://help.pagodabox.com/customer/portal/articles/221647 doesn't work, as a deploy key can only be used once. Is there a way to create a public key for each app so that it's easy to manage which apps do and which apps don't have access?
It's not a matter of not trusting Pagoda box or not, I just believe to not give more access than necessary and using things for what they were designed for. If any of the links get compromised, the damage is reduced. Also, Pagoda box just isn't a collaborator, it's a service where the repo can be deployed on :)
This has been added to our development roadmap. Check our blog for updates.