In my workflow with Git, I prefer using SSH authentication for platforms like GitHub and GitLab. It allows me to avoid saving multiple credentials on my machine; instead, I simply register my already existing public SSH key in my account settings. It seems like a clear victory, right?

Unfortunately, it's not a one-size-fits-all solution:

  • Recently, I encountered an issue that could be easily resolved using Git submodules in GitLab CI. GitLab has the ability to automatically check out submodules, albeit only if they are referenced using their HTTPS URLs.
  • The convenience of copying and pasting HTTPS URLs of GitLab/GitHub repositories directly into your git clone command is undeniable. I've been guilty of lazily using these HTTPS URLs when I assumed I'd only need read-only access, only to later realize that I had to switch them over to SSH URLs...

However, to my surprise, I discovered the following configuration options in Git. You can actually substitute the visible URLs of remote repositories based on their prefixes! This means that you can use SSH for local development and HTTPS for CI environments without having to manually switch back and forth.

Here's how to do it:

[url "ssh://git@github.com/"]
    insteadOf = https://github.com/
[url "ssh://git@gitlab.com/"]
    insteadOf = https://gitlab.com/

This config ensures that every time you try to interact with a remote URL that starts with https://github.com/ or https://gitlab.com/, Git will substitute it with the corresponding SSH URL. This means you can continue using HTTPS URLs in your .gitmodules file, but when you clone or pull locally, it will use SSH. It also works for git clone.

I have no idea how I missed this feature before, but it's certainly a quality of life improvement.