Repository authentication
If authentication (HTTP(S) or SSH) is required to git clone
a repository then you must provide credentials to the container.
First, ensure your Site admin > Manage repositories code host configuration is configured to use SSH. For example, by setting the gitURLType
field to "ssh". Alternatively, you may use the "Generic Git host" code host type, which allows you to directly specify Git repository URLs for cloning.
Then, follow the directions below depending on your deployment type:
- Sourcegraph with Docker Compose: See the Docker Compose git configuration guide.
- Sourcegraph with Kubernetes: See Configure repository cloning via SSH.
- Single-container Sourcegraph: See the single-container git configuration guide.
- Pure-docker Sourcegraph: See Configuring SSH cloning.
Troubleshooting
What should be included in my config file?
We recommend adding the StrictHostKeyChecking no
and AddKeysToAgent yes
flags to prevent the need to give permission interactively when cloning from a new host.
Host * StrictHostKeyChecking no AddKeysToAgent yes
See git configuration for more details.
Host key verification failed
Error: This indicates an invalid key is being used. You can confirm the error by cloning inside the gitserver directly. For example:
docker exec -it gitserver-0 sh cd data/repos/<CODE-HOST>/<REPO-OWNER> git clone <SSH-URL>
Bad owner or permissions on /home/sourcegraph/.ssh/<YOUR-CONFIG-FILE>
Error: This indicates the container is having trouble reading the configuration files due to permission / owner issues.
The permission and ownership settings inside your .ssh/
directory should look similar to:
$ ls -al #command to display list of file with detailed information total 20 drwxr-xr-x 6 sourcegr sourcegr 192 May 12 19:54 . drwxr-sr-x 1 sourcegr sourcegr 4096 May 12 19:43 .. -rw------- 1 sourcegr sourcegr 34 May 12 19:22 config -rw------- 1 sourcegr sourcegr 411 May 12 18:52 id_ed25519 -rw------- 1 sourcegr sourcegr 98 May 12 18:52 id_ed25519.pub -rw------- 1 sourcegr sourcegr 799 May 12 19:54 known_hosts
Solution
- Inside the
.ssh
directory on the Host Machine:- Permission on all files must be set to
600
, and700
for the directory itself. - Files must be owned by a user who has access to the docker container. This can be done via
sudo chown -v -R $USER:$GROUP
(the user may need to set these values).
- Permission on all files must be set to
- (OR) Inside the
/home/sourcegraph/
directory on Docker Compose:- Permission on all files must be set to
600
, and700
for the directory itself. - Files must be owned by the root user, which is
sourcegraph
by default. This can be done viasudo chown -v -R $USER:$GROUP
(the user may need to set these values).
- Permission on all files must be set to
Permissions 0644 for '/home/sourcegraph/.ssh/<YOUR-PRIVATE-KEY-FILE>' are too open
Error: This indicates the permission on your private key file is accessible by users other than the file owner. Setting the file permission to 600 resolves the issue.