Shared credentials with npm module via git+ssh

Hi there,

I'm trying to set up a build plan where the first step is to run npm install. One of the npm dependencies is a Bitbucket repository that is accessed via ssh. I've added the correct ssh private key as a shared credential in Bamboo cloud and added the public key to a Bitbucket account with access to the repo. When running the build plan it fails when trying to clone the repository.

 

error   29-Oct-2015 15:53:14    npm ERR! Host key verification failed.
error   29-Oct-2015 15:53:14    npm ERR! fatal: Could not read from remote repository.
error   29-Oct-2015 15:53:14    npm ERR! 
error   29-Oct-2015 15:53:14    npm ERR! Please make sure you have the correct access rights
error   29-Oct-2015 15:53:14    npm ERR! and the repository exists.

 

Is there anything else that needs to be done for the ssh authentication to work?

3 answers

This widget could not be displayed.

I am having the same issue. Is there any way to resolve this?

This widget could not be displayed.

They are killing Bamboo Cloud, so in a way this will resolve itself... We'll be playing with Bitbucket Pipeline to see if it will work for us.  Otherwise we'll go the stand-alone Bamboo server route, which I really wanted to avoid.

This widget could not be displayed.
Jeremy Owen Atlassian Team Jul 24, 2018

This is a pretty old question regarding Bamboo Cloud but for anyone who's interested in the same subject for Bamboo Server, I've got a few points and suggestions to share regarding Git Credentials and NPM via Bamboo.

When you invoke NPM through Bamboo, NPM and Git will be run as the same user that runs the Bamboo (or Bamboo remote agent) process and will use the SSH key from the environment (e.g. ~/.ssh/id_rsa) for that user. Basically, authentication is purely handled at the environment level, the same as it would by command-line (not by Bamboo).

The same credentials you use to checkout the repository that contains your NPM project via Bamboo, will not be available within the build or to NPM to checkout dependencies. 

Our general recommendation (using Bitbucket Server as an example) is to:

  • Setup an SSH private key for the operating system user that runs the Bamboo agent responsible for executing the build: Creating SSH keys
  • Add the public key from ~/.ssh/id_rsa.pub to the Bitbucket Repository Settings >> Access Keys (for Bitbucket Server) for each NPM dependency hosted in a private Bitbucket repository needed for the build: SSH access keys for system use
  • Perform a git clone manually on command-line to the same Git repository as the same user that runs the Bamboo agent and answer yes to the host key questions. This is an easy way to both test the connection and accept the host key of the target Git server. You could also directly add the host key to ~/.ssh/known_hosts

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted Tuesday in Jira

What modern development practices are at the heart of how your team delivers software?

Hey Community mates! Claire here from the Software Product Marketing team. We all know software development changes rapidly, and it's often tough to keep up. But from our research, we've found the h...

307 views 1 4
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you