[Custom Clone Failure] File Not Found

Drone Support
1

I’m trying to enable SSH access and therefore, I need to run a custom bash script which is in root of my git repo. I took help from Drone’s custom logic docs, and use this script:

kind: pipeline
name: default

clone:
  disable: true

steps:
- name: clone
  image: docker:git
  commands:
    - echo "Cloning."
    - scripts/drone-ssh-key.sh
    - git clone git:...

However, I’m getting an error “drone-ssh-key.sh” not found.

But if I run a simpler configuration like…

pipeline:
  build:
    image: ubuntu
    commands:
      - apt-get update
      - apt-get install python -y
      - which python
      - python main.py

It reads my files smoothly. However, it throws a duplicate step error if I try to put a clone step over here.

Need help – I need to run the first file having it read my git repo.

2

from what I can tell you have disabled the default clone step, but are trying to invoke scripts/drone-ssh-key.sh before the repository is cloned. As a result, scripts/drone-ssh-key.sh does not exist yet. So this seems expected.

3

@bradrydzewski I need to invoke the scripts/drone-ssh-key.sh before cloning the repo, because it adds my pvt keys so that I can clone through git+ssh (git:url/repo)

4

I think there is a misunderstanding. How can drone invoke a file before it has cloned any files?

5

Can you tell me a way around this ? How do I achieve this ?

6

I would need more details. What does scripts/drone-ssh-key.sh do? Where does it get your ssh key from? What is wrong with the default clone step?

7

@bradrydzewski This is what drone-ssh-key.sh contains…

#!/bin/bash
# drone-ssh-key.sh
set -e
echo "Adding private ssh key"
mkdir /root/.ssh
echo -n "$DRONE_PRIVATE_SSH_KEY" > /root/.ssh/id_rsa
chmod 600 /root/.ssh/id_rsa
# add gogs server to our known hosts.
touch /root/.ssh/known_hosts
chmod 600 /root/.ssh/known_hosts
ssh-keyscan -H X.X.X.X > /etc/ssh/ssh_known_hosts 2> /dev/null
echo "Key added"

Also, I just tried cloning the repo first with git+http and then run drone-ssh-key.sh, and it still throws the same error.

PS - I’m running a GOGS a container on X.X.X.X

8

This is what drone-ssh-key.sh contains…

Where does DRONE_PRIVATE_SSH_KEY come from? I do not see anywhere in your yaml that instructs Drone to load this environment variable into the step.

Also, I just tried cloning the repo first with git+http

Why are you not using the default clone step? Perhaps it would be more prudent to try to troubleshoot why the default clone does not work for you, instead of troubleshooting this complex and non-standard workaround?

9

@bradrydzewski DRONE_PRIVATE_SSH_KEY is a drone secret.

Also, default clone doesn’t work for me because I want to clone with git+ssh. Not git+http.

10

The sample yaml you posted does not show the secret being injected into the environment. https://docs.drone.io/user-guide/secrets/pre-repository/

11

I’ve referred to this doc link and injected the secret into env. My secrets are being loaded and Keys are also getting added. My yaml file looks something like this now…

kind: pipeline
name: default

clone:
  disable: true

steps:
- name: clone
  image: docker:git
  environment:
    SSH_KEY:
      from_secret: DRONE_PRIVATE_SSH_KEY  
  commands:
    - which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )
    - eval $(ssh-agent -s)
    - mkdir /root/.ssh && echo "$SSH_KEY" > /root/.ssh/id_rsa && chmod 0600 /root/.ssh/id_rsa
    - ssh-keyscan -H 172.19.0.2 >> /root/.ssh/known_hosts
    - cat /root/.ssh/known_hosts

    - git clone git@172.19.0.2:wahal/test.git

But now I have the error

git@172.19.0.2: Permission denied (publickey,keyboard-interactive).
17 fatal: Could not read from remote repository.
18
19 Please make sure you have the correct access rights
20 and the repository exists.
12

there may be some existing threads that can help you triage this error:
http://discuss.harness.io/search?q=Could%20not%20read%20from%20remote%20repository