Hi guys, I have a question regarding cloning another private repository. Let’s say I have two repositories: my-app-backend and my-app-frontend. When going through the workflow with my-app-backend, during one step, I want to clone the frontend repository to run some tests. I’ve set up SSH keys already, namely:
I generated new public and private SSH keys.
The repository is on Github so I visited the frontend repo, Settings -> Deploy keys and according to hints I added the public SSH key which was required.
On CircleCI’s end, in the backend app, I visited Settings -> SSH Permissions and I added the private key which was required.
Both fingerprints (on Github and CircleCI) are the same.
The problem occurs while cloning the frontend repository. I’m getting the following error:
Cloning into '/home/circleci/my-app-frontend'...
ERROR: Repository not found.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Exited with code 128
I’m pretty sure that with CircleCI 1.0 it would work, but with 2.0 I have no idea. Am I doing anything wrong or should I consider adding a machine user which, in my opinion, would be an overkill since I need to do it only in one repository, not everywhere?
Put -v or -vv etc in your ssh line to see if you can get some logs
Make sure you’re actually using an RSA format pair (some encryption algos are not supported)
Try adding a continuation \ char at the end of your GIT_SSH_COMMAND line, so the whole thing is one line (I don’t think it would otherwise need export, but it is worth a try).
I added -v option in the ssh command and here’s the output:
#!/bin/bash -eo pipefail
GIT_SSH_COMMAND='ssh -v -i ~/.ssh/id_rsa_<fingerprint>' git clone git@github.com:user/my-app-frontend.git ~/my-app-frontend
Cloning into '/home/circleci/my-app-frontend'...
OpenSSH_7.4p1 Debian-10+deb9u4, OpenSSL 1.0.2l 25 May 2017
debug1: Reading configuration data /home/circleci/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to github.com [192.30.253.112] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/circleci/.ssh/id_rsa_<fingerprint> type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/circleci/.ssh/id_rsa_<fingerprint>-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u4
debug1: Remote protocol version 2.0, remote software version libssh_0.7.0
debug1: no match: libssh_0.7.0
debug1: Authenticating to github.com:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:<key>
debug1: Host 'github.com' is known and matches the RSA host key.
debug1: Found key in /home/circleci/.ssh/known_hosts:1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key:
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
Authenticated to github.com ([192.30.253.112]:22).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: network
debug1: Sending environment.
debug1: Sending env LANG = C.UTF-8
debug1: Sending command: git-upload-pack 'user/my-app-frontend.git'
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
ERROR: Repository not found.
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
debug1: fd 1 clearing O_NONBLOCK
Transferred: sent 2756, received 1704 bytes, in 0.0 seconds
Bytes per second: sent 64184.2, received 39684.3
debug1: Exit status 1
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Exited with code 128
When it comes to \ at the end of GIT_SSH_COMMAND line it didn’t work, cause I got:
#!/bin/bash -eo pipefail
GIT_SSH_COMMAND='ssh -v -i ~/.ssh/id_rsa_<fingerprint>'\ git clone git@github.com:user/my-app-frontend.git ~/my-app-frontend
/bin/bash: clone: command not found
Exited with code 127
Exporting GIT_SSH_COMMAND described like here didn’t work either.