[users at bb.net] How to properly use private keys for access to git repositories?
Mojca Miklavec
mojca at macports.org
Sat Apr 10 11:46:18 UTC 2021
Dear Povilas,
On Sat, 10 Apr 2021 at 11:20, Povilas Kanapickas wrote:
> On 4/10/21 9:39 AM, Mojca Miklavec wrote:
> >
> > But I'm getting
> >
> > Cloning into '.'...
> > Load key "/path/to/worker/.workername.build.buildbot/ssh-key": invalid format
> > Permission denied (publickey).
> > fatal: Could not read from remote repository.
>
> Could you replace _removeSshPrivateKeyIfNeeded function with an empty
> function in master/buildbot/util/git.py (also remove the
> @defer.inlineCallbacks decorator)? This would leave the private key on
> the worker and you could manually check its contents and run the git
> clone command. Hopefully this would reproduce the problem and we could
> check what's wrong.
Thank you very much for the hint.
I was able to replicate the problem and work around it by adding a
newline at the end of the file.
I didn't check yet, but I believe that using "strip=False" when
setting up the secrets might solve the problem, however maybe it
should always be false when copying the ssh key anyway?
Meanwhile I also figured out an alternative for a private key (that
might in fact be even better).
I generated a personal token and then specified the repourl as
https://username:token@github.com/account/repo.git
rather than
git at github.com:account/repo.git
and I simply packed the whole url (including the username and token)
into a secret.
Mojca
More information about the users
mailing list