#Unable to clone a repo via SSH using a *dagger.Directory arg

1 messages · Page 1 of 1 (latest)

inner hazel
#

Hi, I have a private dagger module that expects a Git repo location (also private) as a directory argument. Run locally, it works as expected and the private git repo is cloned fine.

When running in GitHub, I see the error below.
Command
- name: Run StackHawk via CLI run: | curl -fsSL https://dl.dagger.io/dagger/install.sh | BIN_DIR=$HOME/.local/bin sh dagger version dagger -m git@github.com:<private-daggerverse>.git/<module>@v0.34.1 call \ <function> \ --template-repo=git@github.com:<private-repo-arg>.git@main
Output
! failed to convert result: failed to load cache key: error fetching default branch for repository git@github.com:<private-repo-arg>.git: git error: exit status 128 stderr: ERROR: Repository not found. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.

Everything in < > is replaced and I checked the following:

  1. My credentials / url are correct for the private repo being passed as an arg.
    I have two deploy keys set using the webfactory/ssh-agent@v0.9.0 GitHub Action. One is to access our private daggerverse repo and the other is for the private repo arg.
  • I have a step after setting the creds to directly try cloning the repo arg via git clone and it works.
  • I've checked that SSH_AUTH_SOCK matches what's returned by webfactory/ssh-agent@v0.9.0 and that each of the keys have been added by running ssh-add -l

  1. It's not the GitHub Action
    I've tried both the dagger/dagger-for-github@v6.0.0 GitHub Action and dagger CLI with the same result

  2. Doesn't appear that the issue is when multiple keys are loaded (at least not locally) https://github.com/dagger/dagger/issues/8288
    This works locally when multiple keys are specified using ssh-add and fails when the repo arg one is removed ssh-add -D

Any suggestions on what to test next? Thanks in advance 🙂

GitHub
core(private-modules): ssh-agent forward seems to break when multip...

Following a discussion with @aweris #1279115372116705422 message I don't think this is a socket forward issue, but more a config on ou...

#

I've also looked through these dagger docs
https://docs.dagger.io/api/remote-modules/#authentication-methods
https://docs.dagger.io/api/arguments/#directory-arguments

And this differs from the post below in help because the private daggerverse repo I'm using is being pulled fine
https://discordapp.com/channels/707636530424053791/1279115372116705422/1279115372116705422

Using Modules from Remote Repositories | Dagger

Dagger supports the use of HTTP and SSH protocols for accessing remote repositories as Dagger modules, compatible with all major Git hosting platforms such as GitHub, GitLab, BitBucket, Azure DevOps, Codeberg, and Sourcehut. Dagger supports authentication via both HTTPS (using Git credential managers) and SSH (using a unified authentication appr...

Arguments | Dagger

Dagger Functions, just like regular functions, can accept arguments. In addition to basic types (string, boolean, integer, arrays...), Dagger also defines powerful core types which Dagger Functions can use for their arguments, such as Directory, Container, Service, Secret, and many more.

#

Clone a repo in a GitHub workflow via SSH using a *dagger.Directory arg

inner hazel
#

Unable to clone a repo via SSH using a *dagger.Directory arg

lyric pond
inner hazel
#

Hi Jason, unfortunately no luck -- I just tried modifying to add the ssh keys directly in the same step as well.

- name: Run module via Dagger CLI & using ssh-add directly run: | eval "$(ssh-agent -s)" ssh-add - <<< '${{ secrets.daggerverse_deploy_key }}' ssh-add - <<< '${{ secrets.directory_arg_deploy_key }}' curl -fsSL https://dl.dagger.io/dagger/install.sh | BIN_DIR=$HOME/.local/bin sh dagger -m git@github.com:<private-daggerverse>.git/<module>@v0.34.1 call \ <function> \ --template-repo=git@github.com:<private-repo-arg>.git
I can switch back to using dagger/dagger-for-github if you think that would make a difference

inner hazel
#

Testing this some more, the issue does appear to be use of multiple ssh keys.

I can clone each repo right before making the dagger call if I set up the ssh config file and use aliases, but the dagger call itself still fails on the directory arg repo

workflow step
` - name: Run module via Dagger CLI & using ssh-add directly
run: |
eval "$(ssh-agent -s)"

      # Create the .ssh directory if it doesn't exist
      mkdir -p ~/.ssh
      
      # Save SSH keys to specific files
      echo "${{ secrets.daggerverse_deploy_key }}" > ~/.ssh/daggerverse_deploy_key
      echo "${{ secrets.directory_arg_deploy_key }}" > ~/.ssh/directory_arg_deploy_key
      chmod 600 ~/.ssh/daggerverse_deploy_key
      chmod 600 ~/.ssh/directory_arg_deploy_key

      # Add SSH keys to the agent
      ssh-add ~/.ssh/daggerverse_deploy_key
      ssh-add ~/.ssh/directory_arg_deploy_key

      # Create SSH config file
      mkdir -p ~/.ssh
      echo -e "Host daggerverse\n  HostName github.com\n  User git\n  IdentityFile ~/.ssh/daggerverse_deploy_key\n" >> ~/.ssh/config
      echo -e "Host directory-arg\n  HostName github.com\n  User git\n  IdentityFile ~/.ssh/directory_arg_deploy_key\n" >> ~/.ssh/config

      # Add GitHub's SSH key to known hosts
      ssh-keyscan github.com >> ~/.ssh/known_hosts

      # Clone repositories using the specified SSH keys
      git clone git@daggerverse:<private-daggerverse>.git
      git clone git@directory-arg:<private-repo-arg>.git

`

Error when calling dagger module same as previous message but passing in --template-repo=git@directory-arg:<private-repo-arg>.git
! failed to convert result: failed to load cache key: error fetching default branch for repository git@directory-arg:<private-repo-arg>.git: git error: exit status 128