Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to create application from private SSH repository: key is unknown #1743

Closed
basvandenbrink opened this issue Jun 14, 2019 · 7 comments
Closed

Unable to create application from private SSH repository: key is unknown #1743

basvandenbrink opened this issue Jun 14, 2019 · 7 comments
Labels
bug Something isn't working

Comments

@basvandenbrink
Copy link

basvandenbrink commented Jun 14, 2019
edited
Loading

Describe the bug
I cannot create an application based on a private Git repository using SSH.

To Reproduce

  1. Modify Argo CD deployment according to this documentation.
  2. Create a Secret containing the private SSH key and configure the repository using a ConfigMap as documented here.
  3. Verify that Argo CD is connected successfully using the web gui.
  4. Create an application from this repository using the web gui or cli.

Expected behavior
I expected that the application is created successfully and that Argo CD deploys this application on the cluster.

Version

argocd: v1.0.1+5fe1447.dirty
  BuildDate: 2019-05-28T17:26:35Z
  GitCommit: 5fe1447b722716649143c63f9fc054886d5b111c
  GitTreeState: dirty
  GoVersion: go1.11.4
  Compiler: gc
  Platform: linux/amd64
argocd-server: v1.0.1+5fe1447.dirty
  BuildDate: 2019-05-28T17:27:38Z
  GitCommit: 5fe1447b722716649143c63f9fc054886d5b111c
  GitTreeState: dirty
  GoVersion: go1.11.4
  Compiler: gc
  Platform: linux/amd64
  Ksonnet Version: 0.13.1

Logs

Unable to create application: application spec is invalid: InvalidSpecError: Unable to determine app source type: rpc error: code = Unknown desc = ssh: handshake failed: knownhosts: key is unknown
@basvandenbrink basvandenbrink added the bug Something isn't working label Jun 14, 2019
@alexec
Copy link
Contributor

alexec commented Jun 14, 2019

  1. Can you please tell me what tool you're using. Helm? Kustomize? Other?
  2. Can you please provide a link to to the Git repository?

@alexec
Copy link
Contributor

alexec commented Jun 14, 2019

Maybe fixed by #827 if Kustomize.

@basvandenbrink
Copy link
Author

basvandenbrink commented Jun 17, 2019
edited
Loading

Thanks for your reaction.

I am using a Helm charts that is stored on the repository.

I looked at the issue you mentioned and executing ssh-keyscan <url> > ~/.ssh/known_hosts on the repo server solved the issue.

Another thing: the example shown here states that known_hosts file has to be hashed (ssh-keygen -Hf known_hosts). I have tried to copy /etc/ssh/ssh_known_hosts to ~/.ssh/known_hosts, but that doesn't work, since ~/.ssh/known_hosts may not be hashed for some reason.

Looking forward to v1.1.0. I hope it is then fixed. Is there also going to be a native option to add known_hosts entries?

@basvandenbrink
Copy link
Author

@alexec Is the issue also fixed for Helm charts stored on private Git repositories with SSH access?

@alexec
Copy link
Contributor

alexec commented Jun 17, 2019

Hi. In hindsight, I don't think it is fixed by the fix I mentioned unless you use the insecure option. You would not want to do that for prod instances of Argo CD.

@jessesuen I'd like us to consider adding keys on start-up for your app. Thoughts?

@alexec
Copy link
Contributor

alexec commented Jun 18, 2019

See #1514, #1513

@basvandenbrink
Copy link
Author

Closing, because the mentioned issues also cover this problem. Would be resolved when pull request #1807 is merged.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alexec @basvandenbrink