Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Ask a Question
Welcome To Ask or Share your Answers For Others

Categories

git - GitLab runner gets "host key verification failed" for submodules

0 votes
1.1k views
in Technique[技术] by (71.8m points)

git - GitLab runner gets "host key verification failed" for submodules

I am facing the following issue:
I am trying to configure a GitLab CI pipline (shell).
My repository contains two submodules.
Both submodules are on the same GitLab server as the super repository that contains them.
The clone is an SSH clone, I have configured the keys locally, and also added my key to GitLab.
On the machine where the runner is installed, I can clone everything with no issues including the submodules.
However when the runner is trying to clone, it returns with "host key verification failed" but only for the submodules.
I have tried configuring the runner both with its own user and with my user :

sudo gitlab-runner install --user=<user>

to no effect.
What confuses me the most is that the error is only for the submodles even though they are on the same server as the super repo that contains them, and the super repo can be cloned with no issue (when I turn off the submoudle recursive var in the yml file):

GIT_SUBMODULE_STRATEGY: recursive

But then of course I don't have the submodules.
I will be grateful for any suggestions on what to check or try!


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

"host key verification failed" is about the machine key (the ones listed in ~/.ssh/known_hosts), not your gitlab key.

For example : if the initial git clone is not run with the same user as the one which updates the submodules, then they do not have the same ~/.ssh/known_hosts file, and the ssh command could work for the first user without error, while failing for the second.

The clean fix would be : copy the host key you know to be correct to the expected known_host file.

see for example ssh use known_hosts other than $HOME/.ssh/known_hosts :

# use a 'known_hosts' file with the host key of your git server
GIT_SSH_COMMAND=`ssh -o UserKnownHostsFile=<some provisioned known_hosts file>`

The workaround almost everybody uses is : turn HostKey verification off.

# for example : set the GIT_SSH_COMMAND environment variable
GIT_SSH_COMMAND='ssh -o StrictHostKeyChecking=no'

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

Just Browsing Browsing

2.1m questions

2.1m answers

60 comments

56.6k users

Most popular tags

Powered by Question2Answer
Donate
Theme by Q2A Market&&OStack.cn
...