-
Suggestion
-
Resolution: Fixed
-
12
-
42
-
I'm not sure if this is applicable, so if someone find this issue wrong - please 'wontfix' it.
Lets assume we have a Git repository hosted via ssh:// protocol. Access to that repository is via the ssh (rsa) private/public key authentication. Lets assume the repo contain submodules. So for example we have in .submodules
[submodule "submodules/core"] path = submodules/core url = ssh://git.company.com/projects/core.git
(where our repository is under ssh://git.company.com/projects/product.git)
In such scenario Bamboo Agents will do:
1) fetch the data from ssh://d73ceba5-2327-4e81-8c63-f61ad3024bc3@127.0.0.1:58505/projects/product.git -PROXIED> ssh://git.company.com/projects/product.git to agent's Job working directory
2) bamboo issues "git submodule init; git submodule update" commands.
3) thus git notices there are some submodules defined (in "workDir/.submodules" file)
4) git will execute another fetch, this time from ssh://git.company.com/projects/core.git and will put it under ./submodules/core directory (note that here it is the Git that deduces the correct url from .submodules file, not the Bamboo).
5) finish (update the workspace, index, etc)
Now, problem is in step (4) - it won't go through Bamboo SSH proxy, and as it won't be proxied the Bamboo user will have to setup all Bamboo Agents correctly (with .ssh/config files and rsa-identity files). This can be PITA. Would be good if somehow Bamboo would work with submodules in more transparent way so the Bamboo user wouldn't have to do the setup manually.
- is duplicated by
-
BAM-11472 Git submodule support not working for SSH private key authenticated checkouts
-
- Closed
-
-
-
- Closed
-
- is related to
-
-
- Closed
-
-
-
- Closed
-
- relates to
-
- Closed
-
- Closed
- copied to
-
BDEV-529 Loading...
- links to
- mentioned in
-
-
-
-
-
-
-
-
-
-
-
[BAM-11369] If I want to use git submodules then I shouldn't have to upload and configure SSH keys on each Bamboo Agent.
I can't make it work using YAML specs.
I set id_rsa ssh key with chmod 600 on the agent.
I also configured the .ssh/config to use this key. 
Please, fix this bug.
@jcbsv Thank you for your help, it work!
But i have to make a minor modification in order to make it work - replaced > to />
@echo off if exist "%USERPROFILE%" ( if not exist "%USERPROFILE%\.ssh" mkdir "%USERPROFILE%\.ssh" ) call :data1 /> "%USERPROFILE%\.ssh\id_rsa" exit /b :data1 echo -----BEGIN RSA PRIVATE KEY----- echo ... echo -----END RSA PRIVATE KEY----- exit /b
@jingzheng.tan, you can add a script task to your build plan (before the source code checkout task) that uploads the ssh key to the agent, see this blog post for details: https://blog.nephics.com/2018/08/24/multi-repository-build-plans-with-atlassian-bamboo/
I encountered the same problem and i google but yet to find a solid work-around. Does anyone have luck to find one?
Hi everyone,
Thanks for your interest in this issue.
This request is considered a potential addition to our longer-term roadmap.
We'll typically review this request in about 6 months time, at which point we’ll consider whether we need to alter its status.
For the nearest future we've decided to prioritise other areas of the Bamboo roadmap, including:
- Performance and stability improvements
- Providing building blocks for High Availability and Disaster Recovery solutions
- Improving permission system
- Allowing per-project allocation of resources
- Improving Bitbucket Server and Jira integrations
You can learn more about our approach to highly voted server suggestions here.
To learn more on how your suggestions are reviewed, see our updated workflow for server feature suggestions.
Kind regards,
Bamboo Team
I put in a support ticket and received a workaround that works IF you are using Bitbucket with Bamboo. I don't know whether this works with any other Git server. The workaround is to use only relative SSH URLs in your .gitmodules file. This only works if your main repository is on the same server as the submodule repositories you are trying to authenticate against. If you have external submodules, you'll have to clone them into the same Bitbucket instance as your main repository in order to use this workaround.
Also, note that you still need to manually copy the public SSH key from the "Advanced" tab of the main Repository configuration, and add it as a "Read" Access Key in the repository permissions of each of the submodules in Bitbucket.