Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Shared credentials with npm module via git+ssh

Dan Coates1
Dan Coates October 28, 2015

Hi there,

I'm trying to set up a build plan where the first step is to run npm install. One of the npm dependencies is a Bitbucket repository that is accessed via ssh. I've added the correct ssh private key as a shared credential in Bamboo cloud and added the public key to a Bitbucket account with access to the repo. When running the build plan it fails when trying to clone the repository.

 

error   29-Oct-2015 15:53:14    npm ERR! Host key verification failed.
error   29-Oct-2015 15:53:14    npm ERR! fatal: Could not read from remote repository.
error   29-Oct-2015 15:53:14    npm ERR! 
error   29-Oct-2015 15:53:14    npm ERR! Please make sure you have the correct access rights
error   29-Oct-2015 15:53:14    npm ERR! and the repository exists.

 

Is there anything else that needs to be done for the ssh authentication to work?

Answer
Watch
Like Adam Risser likes this
1632 views

3 answers

0 votes
Jeremy Owen
Jeremy Owen
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 24, 2018

This is a pretty old question regarding Bamboo Cloud but for anyone who's interested in the same subject for Bamboo Server, I've got a few points and suggestions to share regarding Git Credentials and NPM via Bamboo.

When you invoke NPM through Bamboo, NPM and Git will be run as the same user that runs the Bamboo (or Bamboo remote agent) process and will use the SSH key from the environment (e.g. ~/.ssh/id_rsa) for that user. Basically, authentication is purely handled at the environment level, the same as it would by command-line (not by Bamboo).

The same credentials you use to checkout the repository that contains your NPM project via Bamboo, will not be available within the build or to NPM to checkout dependencies. 

Our general recommendation (using Bitbucket Server as an example) is to:

  • Setup an SSH private key for the operating system user that runs the Bamboo agent responsible for executing the build: Creating SSH keys
  • Add the public key from ~/.ssh/id_rsa.pub to the Bitbucket Repository Settings >> Access Keys (for Bitbucket Server) for each NPM dependency hosted in a private Bitbucket repository needed for the build: SSH access keys for system use
  • Perform a git clone manually on command-line to the same Git repository as the same user that runs the Bamboo agent and answer yes to the host key questions. This is an easy way to both test the connection and accept the host key of the target Git server. You could also directly add the host key to ~/.ssh/known_hosts
Reply
0 votes
Eric Jensen
Eric Jensen May 24, 2016

They are killing Bamboo Cloud, so in a way this will resolve itself... We'll be playing with Bitbucket Pipeline to see if it will work for us.  Otherwise we'll go the stand-alone Bamboo server route, which I really wanted to avoid.

Reply
0 votes
Will Albone
Will Albone May 24, 2016

I am having the same issue. Is there any way to resolve this?

Reply

Suggest an answer

Log in or Sign up to answer
Bamboo
Bamboo
TAGS
AUG Leaders

Atlassian Community Events

    See all events