pipeline: .ssh configs etc are not available when running manual git commands in other steps.
I have a PipelineResource of type git
When properly configured this yields all the required ssh components under /tekton/home/.ssh and my git repo is cloned under /workspace
I then proceeded to add a step in my Task such as
- name: pre-build-and-push
image: ubuntu
command:
- /bin/bash
args:
- -c
- |
cd /workspace/my-git-source
git pull
This led me down hours of looking into why I kept getting Host key verification failed. errors despite the current user root yielding /home/tekton when having the shell state that ~ is indeed /tekton/home… that contains a legit .ssh dir with all the proper configs/known_hosts etc.
My git pull only worked finally after copying /tekton/home/.ssh to /root/.ssh…
Additional Info
https://github.com/tektoncd/pipeline/issues/1836#issuecomment-575741808
https://tektoncd.slack.com/archives/CJ62C1555/p1580479063149600
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Comments: 20 (2 by maintainers)
Starting in 0.24 the HOME directory will no longer be automatically set to
/tekton/home. This means creds-init credentials will be placed in/tekton/credsand tasks that usegitwill need to copy them into the user’s home directory. Thegit-clonecatalog task andGit PipelineResourceboth do this for the user automatically.Generally I am trying to get Tekton away from the “creds-init” mechanism and promote Workspaces as a way to explicitly accept credentials in tasks. The creds-init mechanism is kinda bad for a bunch of reasons (sprays creds into every Step container, fails really ambiguously and is hard to debug, only supports docker & git, etc etc). However we still need to support it for backwards compatibility reasons.