Having issues cloning a git repo on Bitbucket


#1

So, I have a git repo at Bitbucket that I need to check for, in order to run a job. The repo is available and accessible, and I can clone it locally using the ‘git clone git@bitbucket.org:company/repo.git’ using the SSH keys I have . When I try to set it up as a Concourse resource, I get this error message:

resource script ‘/opt/resource/check []’ failed: exit status 128

stderr:
Cloning into ‘/tmp/git-resource-repo-cache’…
Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

Here is my resource definition:

---
resources:
- name: dc
  type: git
  source:
    branch: master
    uri: git@bitbucket.org:<company>/<repo>.git

What am I doing wrong?


#2

What is confusing is the error message, Host key verification failed.

Since you use uri: git@bitbucket.org, you need to pass your SSH private key, as explained in the documentation at https://github.com/concourse/git-resource.

Or, you could pass username/password and use the https:// URL.

Or, if the repo is public and you don’t need to push, you could use the https:// URL and no credentials.

If you need to pass secrets (SSH key or passwords), I strongly suggest to keep your secrets secret by using a credentials manager, see https://concourse-ci.org/creds.html


#3

Without using one of the credential managers, is copying and pasting the key the only way to specify the private_key value? Can we not supply a path to it instead?


#4

You can store the key in a separate yaml file and supply it as a variable

In your concourse pipeline yml you can set
private_key: ((keys.private_key))

And then when you use the fly cli you would specify fly -t <target> -p <pipeline> -c path/to/pipeline.yml -l path/to/private.yaml

And in your private yaml file have something like this

keys:
  private_key: |
  ——BEGIN PRIVATE KEY——
  ——END PRIVATE KEY——

#5

Ahh that is neat! Thanks a lot!