flux2 icon indicating copy to clipboard operation
flux2 copied to clipboard

Published 20 hours ago verified publisher icon fluxcd

CodeCommit: Failed to retrieve list of SSH authentication methods

Open cdenneen opened this issue 2 years ago • 2 comments

Describe the bug

https://fluxcd.io/docs/use-cases/aws-codecommit/

Flux Create Source:

Failed to retrieve list of SSH authentication methods

► applying secret with repository credentials ✔ authentication configured ► applying GitRepository source ✔ GitRepository source updated ◎ waiting for GitRepository source reconciliation ✗ unable to clone: Failed to retrieve list of SSH authentication methods: Failed getting response

Based on some research it has to do with libssh2 upgrade changed the format:

libgit2/pygit2#1013 (comment)

It seems in order for this to work with CodeCommit the -M PEM flag would be necessary when generating the deploy key?

Steps to reproduce

Flux Create Source:

► applying secret with repository credentials ✔ authentication configured ► applying GitRepository source ✔ GitRepository source updated ◎ waiting for GitRepository source reconciliation ✗ unable to clone: Failed to retrieve list of SSH authentication methods: Failed getting response

Based on some research it has to do with libssh2 upgrade changed the format:

libgit2/pygit2#1013 (comment)

Expected behavior

It seems in order for this to work with CodeCommit the -m PEM flag would be necessary when generating the deploy key?

Need a --ssh-key-format parameter in order to specify PEM.

Screenshots and recordings

No response

OS / Distro

macOS 12.1

Flux version

v0.25.3

Flux check

❯ flux check ► checking prerequisites ✔ Kubernetes 1.21.5-eks-bc4871b >=1.19.0-0 ► checking controllers ✔ helm-controller: deployment ready ► ghcr.io/fluxcd/helm-controller:v0.15.0 ✔ kustomize-controller: deployment ready ► ghcr.io/fluxcd/kustomize-controller:v0.19.1 ✔ notification-controller: deployment ready ► ghcr.io/fluxcd/notification-controller:v0.20.1 ✔ source-controller: deployment ready ► ghcr.io/fluxcd/source-controller:v0.20.1 ✔ all checks passed

Git provider

AWS CodeCommit

Container Registry provider

No response

Additional context

No response

Code of Conduct

  • [X] I agree to follow this project's Code of Conduct

cdenneen avatar Jan 24 '22 15:01 cdenneen

In order to get around this I had to do 3 things:

  1. Create key manually and upload to the IAM user
  2. Make note of the User ID generated for the key uploaded
  3. When creating the source I had to specify the user in the url, private-key-file and ssh-key-algorithm 
flux create source git flux-system \
  --git-implementation=libgit2 \
  --url=ssh://<USERID>@git-codecommit.<region>.amazonaws.com/v1/repos/<my-repository> \
  --branch=<branch> \
  --private-key-file=./codecommit_rsa \
  --ssh-key-algorithm=rsa \
  --interval=1m

/label area/docs

cdenneen avatar Jan 24 '22 16:01 cdenneen

We need to update the docs with these instructions. Thanks @cdenneen for providing the steps.

stefanprodan avatar Jan 29 '22 08:01 stefanprodan

Can I help with this issue?

Abhishek-569 avatar Feb 10 '23 17:02 Abhishek-569

@Abhishek-569 the documentation page which would require editing is https://github.com/fluxcd/website/edit/main/content/en/flux/use-cases/aws-codecommit.md

hiddeco avatar Feb 10 '23 17:02 hiddeco

Should I add @cdenneen purpose changes under the new heading(if yes what it should be) or make the changes in existing docs under 'Flux Installation for AWS CodeCommit' in https://fluxcd.io/flux/use-cases/aws-codecommit/#flux-installation-for-aws-codecommit ?

Abhishek-569 avatar Feb 21 '23 07:02 Abhishek-569