Clone repository using ssh #180

New issue

Open

opened 2024-04-15 22:23:05 +00:00 by mnq · 4 comments

mnq commented

2024-04-15 22:23:05 +00:00

I have setup forgejo runner with default options as described in the documentation. I can run simple tests and things seem to work just fine.

But then when I try to clone a public repository using ssh, the job freezes and it looks like that the ssh connection does not establish at all. Are there any specific setting to allow ssh connection from the container to outside repositories?

Here is an example job:

jobs:
  tests:
    runs-on: ubuntu-latest
    steps:
      - name: Clone public repository
        run: git clone git@code.forgejo.org:forgejo/runner.git

My goal is to ultimately clone a private repository on a self-hosted forgejo instance.

I have setup forgejo runner with default options as described in the documentation. I can run simple tests and things seem to work just fine. But then when I try to clone a public repository using ssh, the job freezes and it looks like that the ssh connection does not establish at all. Are there any specific setting to allow ssh connection from the container to outside repositories? Here is an example job: ``` jobs: tests: runs-on: ubuntu-latest steps: - name: Clone public repository run: git clone git@code.forgejo.org:forgejo/runner.git ``` My goal is to ultimately clone a private repository on a self-hosted forgejo instance.

earl-warren commented

2024-04-16 05:17:32 +00:00

Owner

It won't work without an ssh key. There are no specific settings.

thefox commented

2024-04-16 08:35:30 +00:00

Member

To make this would you'd have to pass a key to the job via secret, store it and then clone the repository. You could wrap it in an action if you want but cloning with a key is out of scope for forgejo actions themselves.

The usual solution is actions/checkout

👍 1

mnq commented

2024-04-18 01:47:01 +00:00

Author

Thanks @thefox. I tried that approach but still no luck. I added a deploy key to the repo I like to connect to and added it as secrets to the repo I want to run actions in. Then used the following:

jobs:
  tests:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Test ssh connection
        run: |
          eval `ssh-agent -s`
          ssh-add - <<< '${{ secrets.KASHEF_CORE_DEPLOY_KEY }}'
          git clone "ssh://git@git.mydomain.net:8611/internal/dependency-repo.git"

Looking at the runner's log, it is stock at cloning the repo for ever:

| Agent pid 115
| Identity added: (stdin) (kashef-core-deploy-keys)
| Cloning into 'dependency-repo'...

Thanks @thefox. I tried that approach but still no luck. I added a deploy key to the repo I like to connect to and added it as secrets to the repo I want to run actions in. Then used the following: ``` jobs: tests: runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 - name: Test ssh connection run: | eval `ssh-agent -s` ssh-add - <<< '${{ secrets.KASHEF_CORE_DEPLOY_KEY }}' git clone "ssh://git@git.mydomain.net:8611/internal/dependency-repo.git" ``` Looking at the runner's log, it is stock at cloning the repo for ever: ```bash | Agent pid 115 | Identity added: (stdin) (kashef-core-deploy-keys) | Cloning into 'dependency-repo'... ```

thefox commented

2024-04-18 08:49:47 +00:00

Member

I'll try to do this when I'll have some time, it's interesting if anything.
You can also try running git clone with verbose set. It might give you some insights.

In general if you use actions/checkout@v4 you don't need to checkout via ssh.

I'll try to do this when I'll have some time, it's interesting if anything. You can also try running `git clone` with `verbose` set. It might give you some insights. In general if you use actions/checkout@v4 you don't need to checkout via ssh.