#Using private github repos on Github Actions

Was wondering if its possible to use "GitHub Action for Dagger" on private repos, I tried using the .netrc way and get the following error:

failed to get configured module: failed to get module ref kind: input: moduleSource resolve: failed to resolve git src to commit: failed to load cache key: NotFound: rpc error: code = NotFound desc = socket default not found

github workflow:

      - name: Checkout
        uses: actions/checkout@v4

      # https://go.dev/doc/faq#git_https
      # https://github.com/actions/checkout/tree/v2.0.0#checkout-a-different-private-repository
      - name: Set up .netrc
        run: echo 'machine github.com login ${{ secrets.GH_USERNAME }} password ${{ secrets.GH_PAT }}' > $HOME/.netrc

      - name: Set up SSH key
        run: |
          mkdir ~/.ssh
          echo '${{ secrets.SSH_KEY }}' > ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519

      - name: Set up Git
        run: /usr/bin/git config --global url.git@github.com:.insteadOf https://github.com/

      - name: Build
        uses: dagger/dagger-for-github@v6
        with:
            version: "latest"
            verb: call
            module: git@github.com:myorg/dagger-poc-spring-petclinic.git@${{ github.ref }}
            # module: github.com/${{ github.repository }}@${{ github.ref }}
            args: --ref ${{ github.ref }} build
            cloud-token: ${{ secrets.DAGGER_CLOUD_TOKEN }}```

hm, we've seen this upon occasion in tests - cc @tender prawn

do you have reproduction instructions?

@glad orchid updated the post, thanks

I was able to achieve this with https://github.com/cardoe/ssh-agent-deploy-key

keep us posted @quick bloom

We had the same issue.
We workaround it by adding an eval $(ssh-agent -s) + ssh-add ./ssh/id_ed25519 before the dagger call (we maintain our own github action)
Probably the same as @bleak fulcrum has shared

how different is this echo '${{ secrets.SSH_KEY }}' > ~/.ssh/id_ed25519 to what you do?

echo '${{ secrets.SSH_KEY }}' > ~/.ssh/id_ed25519 puts the key into a file

When you run the github action uses: dagger/dagger-for-github@v6 I am unsure if the ssh env vars that dagger will look for to use for auth are available.
By doing eval $(ssh-agent -s) && ssh-add ./ssh/id_ed25519 you can ensure that those env vars are available for dagger to use (with the key loaded into the agent)

(I am assuming that's how dagger implemented ssh auth btw! By reading the env vars 😅 )

thanks, and you do the same in your own github action?

https://github.com/dagger/dagger/pull/7708/files#diff-bb8fba2a10b96c16befe2b145e4e580f38839f20e0518cfd8c678d2296c27cb1R243-R258
With my limited knowledge of the dagger code, I think I'm not far off in my assumption 🙂

Yes, we do that in our own action, just before dagger call

Again, probably worth trying what Yibble shared... The ssh-agent-deploy-key action probably achieves the same

thanks everyone, I've tried with webfactory/ssh-agent and it worked fine.
Any Github issue I can track for the PAT support?

cc @tender prawn do we have an issue on the PAT support?