Hey Chris, If you have docker running on your machine with the "$HOME/.ssh" folder setup up to connect successfully to your authenticated git repo. You can quickly test this by creating a data volume container
$ docker create --name authenticated -v $HOME/.ssh:/var/go/.ssh gocd/gocd-server:16.10.0 and using the data volume container while running your GoCD server container $ docker run --volumes-from authenticated -p 8154:8154 -p 8153:8153 gocd/gocd-server:16.10.0 Your issue might be with the ssh keys set up. To make it simpler, create data containers from the right ".ssh" after verifying that it works outside of docker and use them while running the server or agents. On Mon, Oct 3, 2016 at 4:47 PM, Chris Forbes <[email protected]> wrote: > Thank you for your response, Jay. > > I followed your steps to ensure I hadn't missed anything. Unfortunately, > it still isn't working. I'll try once more going from scratch and see if > anything plays out differently. > > Chris > > > On Sunday, October 2, 2016 at 4:12:59 AM UTC+1, Jay wrote: >> >> Hi, >> >> Make sure you've properly chowned those directories and files. Keep in >> mind that you have to either run those commands you've mentioned as the >> "go" user, or establish those files in that .ssh folder and then chown them >> with "go:go". If you're running inside a docker container, as I believe you >> are, it's pretty easy to set up this process as an entry-point script. I >> also believe you'll always have to chown that .ssh directory so that the >> container go user can access them. I believe it's also pretty safe to >> pre-populate your git servers public ssh host keys and simply cat them into >> the known_hosts file. This way you don't have to accept them and these will >> rarely change. I've already got a working solution in place, so I'll >> provide some highlights here, since that's all I can do. >> >> * gather your git servers public ssh keys with command "ssh-keyscan -p >> 22 [host | addrlist namelist] ...". Make sure you use any git server >> aliases here. >> * the go server home can be figured out programatically with this >> command: GO_HOME=$( getent passwd "go" | cut -d: -f6 ) >> * create folder ${GO_HOME}/.ssh with chmod 700 and chown go:go >> * generate a pair of keys if they don't already exist: ssh-keygen -q -t >> rsa -C "gocd-server" -N '' -f "$GO_ID_RSA_FILE" >> * add your pub key to gitlab >> * cat your git servers pub ssh keys into ${GO_HOME}/.ssh/known_hosts, chmod >> 0644 the file >> * chown the entire /var/go, or just /var/go/.ssh if you prefer >> >> All these steps should work with the .ssh folder bind-mounted. >> >> Hope you get something working soon. >> >> Jay >> >> >> On Friday, September 30, 2016 at 4:23:50 AM UTC-7, Chris Forbes wrote: >>> >>> I'm trying to set up GoCD for the first time on Linux (CentOS 7) with >>> the official GoCD Server Docker container. Documentation for this is very >>> scarce as I'm sure you are aware. I'm having a lot of difficulties getting >>> the server to use the SSH key correctly. I've tried a number of suggested >>> solutions with no luck. >>> >>> Some of the things I have tried: >>> >>> - Mount the instance ssh folder as a volume to `/var/go/.ssh` >>> - Create a `config` file in the container to specifically target the >>> `id_rsa` file >>> - Run `ssh -T -vvv [email protected]` on the instance and the container >>> to validate the key >>> >>> But still, clicking "Check Connection" results in the error: >>> >>> --- ERROR --- >>>> STDERR: Host key verification failed. >>>> STDERR: fatal: Could not read from remote repository. >>>> STDERR: >>>> STDERR: Please make sure you have the correct access rights >>>> STDERR: and the repository exists. >>>> --- >>>> >>>> >>> Could someone that has done this be so kind as to list the steps >>> required to make this work? Or point me at a detailed blog post/write up of >>> how to do this? We are keen to give GoCD a try, but being unable to use Git >>> with SSH is a deal breaker. >>> >> -- > You received this message because you are subscribed to the Google Groups > "go-cd" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "go-cd" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
