[users at bb.net] How to properly use private keys for access to git repositories?
Povilas Kanapickas
povilas at radix.lt
Sat Apr 10 11:49:13 UTC 2021
Hi Mojca,
On 4/10/21 2:46 PM, Mojca Miklavec wrote:
> Dear Povilas,
>
> On Sat, 10 Apr 2021 at 11:20, Povilas Kanapickas wrote:
>> On 4/10/21 9:39 AM, Mojca Miklavec wrote:
>>>
>>> But I'm getting
>>>
>>> Cloning into '.'...
>>> Load key "/path/to/worker/.workername.build.buildbot/ssh-key": invalid format
>>> Permission denied (publickey).
>>> fatal: Could not read from remote repository.
>>
>> Could you replace _removeSshPrivateKeyIfNeeded function with an empty
>> function in master/buildbot/util/git.py (also remove the
>> @defer.inlineCallbacks decorator)? This would leave the private key on
>> the worker and you could manually check its contents and run the git
>> clone command. Hopefully this would reproduce the problem and we could
>> check what's wrong.
>
> Thank you very much for the hint.
>
> I was able to replicate the problem and work around it by adding a
> newline at the end of the file.
> I didn't check yet, but I believe that using "strip=False" when
> setting up the secrets might solve the problem, however maybe it
> should always be false when copying the ssh key anyway?
Oh, this is interesting. I think it makes sense to always ensure that
ssh key has a newline at the end of file. People may supply the key from
python strings and similar things where this is easy to miss.
Thanks a lot for this bug report.
Cheers,
Povilas
More information about the users
mailing list