[users at bb.net] Using SSH keys with GitPoller and Git step?

Chris Spencer chrisspen at gmail.com
Mon Mar 13 15:08:18 UTC 2017


My preference would be to use SSH keys. However, since there's no official
documentation explaining how to use them with Buildbot, and these replies
have mentioned a lot of caveats, I was acting as though SSH keys are
officially not supported.

I posted this question to SO over a year ago, and the only reply I received
was essentially "just use a username and password".

How do I configure Buildbot to use SSH keys? I only have a single slave
running on the same server as master, so can I simply upload my custom SSH
key to /var/lib/buildbot/.ssh/mykey.pem or do I need to update something in
my tac or cfg files?

On Mon, Mar 6, 2017 at 2:47 PM, Pierre Tardy <tardyp at gmail.com> wrote:

> It is not implemented because people are supposed to use SSH keys. Is
> there a reason why you can't use SSH keys ?
>
> Buildbot has capabilities to redact password from commands. It's used I
> think in svn
>
> Le lun. 6 mars 2017 20:32, Chris Spencer <chrisspen at gmail.com> a écrit :
>
>> Is there any way to suppress the output of the Git step (
>> http://docs.buildbot.net/latest/manual/cfg-buildsteps.html#step-Git), so
>> my password isn't visible in the logs? It doesn't appear to accept any type
>> of "gitbin" option.
>>
>> On Thu, Mar 2, 2017 at 6:42 PM, Will Rosecrans <wrosecrans at gmail.com>
>> wrote:
>>
>> As far as I know, the GitPoller doesn't directly support that.  I have
>> mostly used salt to set up the buildslave machine, and included ssh and git
>> config as part of the buildslave's system config rather than the buildbot
>> config.  If you are using GitHub, it's also easy to set up token passwords
>> on an account and use that for service work.  It uses a password rather
>> than an actual key, but the password is a long string of gibberish, and you
>> can use the token as a sub account, with different permissions for the
>> tokens and the ability tp revoke them individually.
>>
>> You can also set the GitPoller's gitbin to point to a script that runs
>> git with whatever key setup you like, and have buildbot just invoke that
>> script.
>>
>>
>> On Wed, Mar 1, 2017 at 5:18 PM, Chris Spencer <chrisspen at gmail.com>
>> wrote:
>>
>> How do you specify the ssh key to use with the Gitpoller and Git step
>> classes?
>>
>> I'm currently hard-coding my username/password in the repourl, and I'd
>> like to move away from that for security reasons. However, even after
>> reading the docs and looking at the source, I can see no obvious way to
>> specify the pem key file to checkout and fetch via ssh.
>>
>> _______________________________________________
>> users mailing list
>> users at buildbot.net
>> https://lists.buildbot.net/mailman/listinfo/users
>>
>>
>> _______________________________________________
>> users mailing list
>> users at buildbot.net
>> https://lists.buildbot.net/mailman/listinfo/users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.buildbot.net/pipermail/users/attachments/20170313/9336d483/attachment.html>


More information about the users mailing list