Artur opened 3 years ago
|
|||||
This happens as OneDev configures http.extraHeader to use custom token when checking out code from OneDev. As long as this setting is added, git will always use this even when connect to other urls. The workaround is to checkout other repository (GitHub in this case) via ssh instead of https |
|||||
I can checkout GitHub via ssh but how to setup a build step to use private ssh key for connecting to GitHub via ssh? |
|||||
I am experimenting with script like this, but I cannot get it work.
Despite setting up ssh for non-interactive work it still fails getting code from github. The last version gives me the following error:
The 'cat' command above displays content of the private key file which looks correct to me. Any suggestion would be ery much appreciated. |
|||||
I am also getting an error at the end which seems like another issue:
https://1dev.just-4.dev is the address of my 1dev installation where the code repository is located. |
|||||
Your script works fine at my side. It is odd... |
|||||
Please make sure to use private key for secret "github_ssh_key" |
|||||
Yes, I added correct ssh key to my secrets for the project. I found on the net info that missing public ssh key may cause such an error. So I added following lines to include public ssh key and some debug:
Now, strange thing. Do you have any ideas or suggestions? Both, private and public key are added to project secrets in the same way. |
|||||
It is printing "*****" as the secret value will be masked out in log for security reason. At my side, I am able to checkout from GitHub without any problem without public key. Since I am using the same image as yours (alpine/git), the only reason might be the ssh key format? Nevertheless, there is a much simpler approach without using ssh checkout. Just write the logic as below:
It backs up the git config which contains the http.extraHeader setting, then unset it to make it working with http protocol of other repositories. Then restore it before pushing merged code back to OneDev |
|||||
Thank you. With this I was able to move forward past the GitHub connection. Unfortunately, now the last step:
is giving me headache. It just does not work, it is giving me various errors like:
or after trying various username/password/token combinations it sometimes gives me:
instead. Here is my current script, with some debug code added to investigate the issue:
and here is the log output:
I would appreciate any help as I am stuck now and I have no idea what can be wrong. |
|||||
Finally got it working! I got an idea while re-reading my last comment and looking at the build log. Content of the
And your documentation says that, if this is set, git credentials set in other way do not work. However, after connecting to GitHub, this Bearer based authorization also stopped working as git could not resolve Username for 1dev system. My provided credentials for 1dev did not work either because of the Bearer authorization in config file. So I just removed this part and decided to use token based authorization for 1dev as well. Here is the final working script:
It is working but if you have any suggestions on how to simplify it and get it working without setting 1dev credentials, that would be helpful as well. |
|||||
Digging further I found information in 1dev that the Bearer credentials have read-only permissions... so this explains the issue completely. |
|||||
Updated to latest version of alpine/git and I have the same issue. Looks like http.extraHeader no longer working as expected even if no GitHub repository checkout is involved. Will look into this further. |
|||||
From my understanding it is working as expected:
|
|||||
Robin Shen changed state to 'Closed' 3 years ago
|
|||||
Just have time to check this further. For OneDev authentication, I plan to use a custom header instead of using traditional "Authorization" header. This way, it will not interfere with other repository authentications. This way, one no longer needs to do extra things such as unset |
Type |
Question
|
Priority |
Normal
|
Assignee |
Hi,
I created a build to periodically pull GitHub code repo and merge with repository on 1dev. The build seems to be working OK, but accessing remote repository returns an error, and all the process is unsuccessful.
Here is my build code:
And when this build is run, I get the following in the log output:
See, the error:
Looks like the url is malformed or secrets are not correctly resolved or something. When I run all these commands from my terminal, replacing secrets with correct values all is successful.