argo-cd: Unable to add SSH or HTTPS repos on AWS Hosted Gitlab

If you are trying to resolve an environment-specific issue or have a one-off question about the edge case that does not require a feature then please consider asking a question in argocd slack channel.

Checklist:

I’ve searched in the docs and FAQ for my answer: https://bit.ly/argocd-faq.
I’ve included steps to reproduce the bug.
I’ve pasted the output of argocd version.

Describe the bug

Unable to add any repositories to ArgoCD on AWS hosted gitlab

To Reproduce

argocd repo add ssh://gitlab.mydomain.com/devops/argocd-deployment --ssh-private-key-path ./argocd-onprem FATA[0000] --ssh-private-key-path is only supported for SSH repositories.

argocd repo add ssh://gitlab.mydomain.com/devops/argocd-deployment FATA[0000] rpc error: code = Unknown desc = error creating SSH agent: “SSH agent requested but SSH_AUTH_SOCK not-specified”

argocd repo add git@gitlab.mydomain.com:devops/argocd-deployment.git FATA[0000] rpc error: code = Unknown desc = error creating SSH agent: “SSH agent requested but SSH_AUTH_SOCK not-specified”

argocd repo add git@gitlab.mydomain.com:devops/argocd-deployment.git --insecure-ignore-host-key --ssh-private-key-path ./argocd-onprem FATA[0001] rpc error: code = Unknown desc = unknown error: remote:

argocd repo add https://gitlab.mydomain.com/devops/argocd-deployment.git --username svc_argocd_onprem Password: FATA[0001] rpc error: code = Unknown desc = authorization failed

Expected behavior

I expect it to add the repo. I have verified the SSH key has been added to the user and it has access to repo. For HTTPS, I am using a token.

Version

argocd: v2.1.6+a346cf9
  BuildDate: 2021-10-28T19:59:40Z
  GitCommit: a346cf933e10d872eae26bff8e58c5e7ac40db25
  GitTreeState: clean
  GoVersion: go1.16.5
  Compiler: gc
  Platform: linux/amd64
argocd-server: v2.1.7+a408e29
  BuildDate: 2021-11-17T22:10:27Z
  GitCommit: a408e299ffa743213df3aa9135bf7945644ec936
  GitTreeState: clean
  GoVersion: go1.16.5
  Compiler: gc
  Platform: linux/amd64
  Ksonnet Version: v0.13.1
  Kustomize Version: v4.2.0 2021-06-30T22:49:26Z
  Helm Version: v3.6.0+g7f2df64
  Kubectl Version: v0.21.0
  Jsonnet Version: v0.17.0

It’s worth mentioning that this is a VM cluster installed via Kubespray with nginx+metallb ingress.

About this issue

Original URL
State: open
Created 3 years ago
Reactions: 2
Comments: 18 (2 by maintainers)

Most upvoted comments

I don’t see how it can be. A port number can’t be a string. My guess is that it should be a slash before “devops”, and not a colon.

Do you have a reference, or a real URL that works with this exact format?

Any GitHub project expect this URL format for SSH, you can pick your favorite. E.g. git@github.com:sigstore/cosign.git. The way customers get it is through GitHub when they select to clone repo using SSH:

I am with you as far as the overall spirit, this format is wrong, but it is used.

shapirov103 on Feb 1, 2022

This is a bit of a drive-by but that URL has a colon in an unexpected place.

Aside from the suggestion @jannfis already made, I wonder about a check for well-formed URLs. This could be added to git.NewClient, where the present check is failing, to align with the call to uri.parse in util/helm/client.go.

package main

import (
	"fmt"
	"net/url"
)

func main() {
	s := "ssh://git@gitlab.mydomain.com:devops/argocd-deployment.git"

	_, err := url.Parse(s)
	if err != nil {
		panic(err)
	}

	fmt.Println("URL parsed successfully!")
}

When running the above code net/url’s parse method reports:

parse “ssh://git@gitlab.mydomain.com:devops/argocd-deployment.git”: invalid port “:devops” after host

which is a lot more useful than the current output.

ChetHosey on Dec 25, 2021