3


i have a problem with cloning git repository in my application.

KEY_FILE = "/opt/app/.ssh/id_rsa"

def read_git_branch(config_id, branch):
    config = RepoConfig.objects.get(id=config_id)
    save_rsa_key(Credentials.objects.get(id=1).key)
    git_ssh_identity_file = os.path.expanduser(KEY_FILE)
    git_ssh_cmd = 'ssh -i %s' % git_ssh_identity_file
    with Git().custom_environment(GIT_SSH_COMMAND=git_ssh_cmd):
        with tempfile.TemporaryDirectory() as tmpdir:
            repo = Repo.clone_from(config.url, tmpdir, branch=branch)
            branch_obj, _ = Branch.objects.get_or_create(name=branch)
            ....

def save_rsa_key(key):
    if not os.path.exists(os.path.dirname(KEY_FILE)):
        try:
            os.makedirs(os.path.dirname(KEY_FILE))
        except OSError as exc:
            if exc.errno != errno.EEXIST:
                raise
    with open(KEY_FILE, 'w') as id_rsa:
        id_rsa.write(key)
        os.chmod(KEY_FILE, 0o600)

Expected result is to clone repository to temporary directory, do something with it and delete all files.
Instead I'm getting:

DEBUG/ForkPoolWorker-2] AutoInterrupt wait stderr: b'Host key verification failed.\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.\n'

git.exc.GitCommandError: Cmd('git') failed due to: exit code(128) cmdline: git clone --branch=master -v [email protected]:bar/project.git /tmp/tmpi_w2xhgt stderr: 'Host key verification failed.

When i try to connect to the same repo directly from machine with key file created by code above with:

ssh-agent bash -c 'ssh-add /opt/app/.ssh/id_rsa; git clone [email protected]:bar/project.git'

Repo is cloned without problems + host is added to known_hosts. After doing that my code works as expected...

It has to be something with known_hosts. Anyone had similar problem?

Thanks for your help.

Improve this question
1

3 Answers 3

Reset to default
3

You should use env of clone_from.

with Git().custom_environment(GIT_SSH_COMMAND=git_ssh_cmd):
    repo = Repo.clone_from(config.url, tmpdir, branch=branch)


git.Repo.clone_from(url, repo_dir, env={"GIT_SSH_COMMAND": 'ssh -i /PATH/TO/KEY'})
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

This answer should be upvoted more. I was mislead by another answer here which didnt work for the clone_from case.
2

This variant:

git.Repo.clone_from("[email protected]:user/coolrepo.git", r"..\coolrepo", env=dict(GIT_SSH_COMMAND="ssh -i id_rsa"))

works fine for me!

Improve this answer

Comments

0

While the existing answers cover cases where missing the SSH env was the issue, I had a scenario where the remote host key would only be accepted via GitPython, and the environment wasn't able to be modified to include that host key in known hosts.

To ensure host key mismatches never break your code, disable strict host key checks through manipulation of the ssh command:

git.Repo.clone_from(
    url, 
    repo_dir, 
    env={
        "GIT_SSH_COMMAND": "ssh -o StrictHostKeyChecking=no -i /path/to/key"
    }
)
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.