Allow using SSH private keys for GIT authentication
acknowledged
F
Friendly Duck
The only current method to authenticate Seqera with GitHub is using a PAT. This requires a full GitHub account, for us it means paying for an additional organization license.
GitHub supports the option of using "deploy keys" that can be added at the repository level for exactly the use-case of continuous deployments. It would be great if Seqera which already supports storing SSH private keys as credentials, it could use this method to authenticate GIT pulls.
C
Charcoal Mandrill
this sounds like a great idea, another reason to use this feature was recently encountered; git submodules
our users all must do their interactive
git clone
via ssh credentials so if we add a git submodule to a repo, it must use the SSH remote URL in order for anyone to be able to git clone it
this breaks Seqera Platform since it appears that when the pipeline launches, Platform attempts to do a
git clone --recursive
(??) and the Run fails before the pipeline can even launch due to errors cloning the repoas soon as you change the git submodule remote to https, this issue goes away ; but using https git submodule breaks all users' ability to
git clone --recursive
the repo themselvesso unless there's another solution for this situation, it would appear that using SSH key based Git auth within Seqera Platform would be required if you want to include git submodules with ssh remotes in your repo
Rob Newman
Rob Newman
Charcoal grey Sailfish - We have merged your request with an existing feature request. Thanks for your feedback.
Rob Newman
Merged in a post:
Launch Pipeline Run using private Gitlab repository via SSH
C
Charcoal grey Sailfish
I need to run a pipeline stored on our private Gitlab repo. The repo only allows cloning of repos by SSH. I can't find any documentation regarding this. Do you have a way for me to do this? When trying to run a pipeline I just get this error:
F
Friendly Duck
Rob Newman yes, GitHub App would be an improvement. Thanks!
Rob Newman
Friendly Duck: We are currently evaluating using a Github app. Would that fulfill your request?
C
Continuous Squid
Same for gitlab, I don't like to use a personal access token to provide access to the full organisation.
Rob Newman
acknowledged