#Git SSH auth?


magic wasp
#

Trying to do a simple git clone as shown and I've got 2 questions/issues.

```go
src := client.Git("git@github.foo/bar.git").Branch("master").Tree()
```

This returns the below.

```
#14 git://github.com/foo/bar.git#master
#0 0.120 Initialized empty Git repository in /var/lib/buildkit/runc-overlayfs/snapshots/snapshots/1289/fs/
#14 1.499 ERROR: The `foo' organization has enabled or enforced SAML SSO. To access
#14 1.499 this repository, you must use the HTTPS remote with a personal access token
#14 1.499 or SSH with an SSH key and passphrase
#14 1.499 that has been authorized for this organization. Visit
#14 1.499 https://docs.github.com/articles/authenticating-to-a-github-organization-with-saml-single-sign-on/ for more information.
#14 1.499 
#14 1.499 fatal: Could not read from remote repository.
#14 1.499 
#14 1.499 Please make sure you have the correct access rights
#14 1.499 and the repository exists.
#14 ERROR: failed to fetch remote git@github.com:foo/bar.git: exit status 128
```

  1. Despite having my ssh agent set, I'm getting an error - git clone in the same shell (outside of dagger) on the same URL works fine. I recall from a while back that the ssh-agent should be sufficient, not sure if I'm missing some step...? Any tips appreciated.
  2. This step fails but the pipeline continues. This is rather shocking behavior. There doesn't appear to be a clear way to return an error from git clone. Is there some API I don't know about?
#

Tiny add'l context. I've been working around this with a custom step using gh cli to build the src directory, but from my understanding the built-in git should provide better buildkit caching.

worn field
#

Hi,
We forward the ssh-agent socket. You can do the following command: ssh-add ~/.ssh/id_rsa

#

Oh, it doesn't work?

magic wasp
#

Yup, I've already done that 😬

worn field
#

Mmmh, we added the forward of socket agents (from host) + inside containers primitives in our API

#

Can you please try mounting it inside your ctx container?

magic wasp
#

FWIW my key is not the standard id_rsa - but named differently, and requires a passkey that I set when I ssh-add

#

I'll touch up the above snippet. ctx is not a container. I'm calling the engine client directly.

#

Given that I'm a little confused on how I should be mounting socket? From my understanding this is a direct engine call

worn field
#

(testing the repro locally, might take a few more mins)

#

Mmmh, getting a weird error, when relying on ssh urls ->

```
2022/12/21 21:14:56 input:1: git.tag.tree.file.contents NotFound: no ssh handler for id default

Please visit https://dagger.io/help#go for troubleshooting guidance.
exit status 1
```

Going to eat, then checking it out. We might have broken something 😇

magic wasp
#

uh oh! lol thanks for looking into it

worn field
#

A bit too tired, will explore tomorrow if ok with you

#

Or maybe @mellow umbra knows more about this use case?

worn field
#

Ok, I got it working @magic wasp. Everything worked perfectly, I was not up-to-date with latest API changes. Here is a full repro:

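```go
package main

import (
    "context"
    "fmt"
    "log"
    "os"

    "dagger.io/dagger"
)

// Path to the host's ssh-agent socket, read from the environment.
var SSH_AUTH_SOCK = os.Getenv("SSH_AUTH_SOCK")

func main() {
    ctx := context.Background()

    // Fail early if no ssh-agent socket is exported in this shell.
    if SSH_AUTH_SOCK == "" {
        log.Fatal("SSH_AUTH_SOCK is not set")
    }

    client, err := dagger.Connect(ctx, dagger.WithLogOutput(os.Stderr))
    if err != nil {
        log.Fatal(err)
    }
    defer client.Close()

    // Pass the host's agent socket explicitly so the SSH clone can authenticate.
    oki, err := client.Git("git@github.com:dagger/dagger.git").Branch("main").
        Tree(dagger.GitRefTreeOpts{
            SSHAuthSocket: client.Host().UnixSocket(SSH_AUTH_SOCK),
        }).
        Entries(ctx)
    // A failed clone surfaces here, when the query is actually executed.
    if err != nil {
        log.Fatal(err)
    }

    fmt.Println("done", oki)
}
```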