Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,455,530
Community Members
 
Community Events
175
Community Groups

self-hosted linux runner unable to clone a repo git@bitbucket.org: Permission denied (publickey).

Edited

Hi 

In a pipeline running on the self-hosted linux docker container I'm trying to clone a different repo from the one that owns the pipeline but I have the git clone command following error

git@bitbucket.org: Permission denied (publickey).

I have added the public key in both the repo under Settings->Access key (for both the main which owns the pipeline and the other which is required by the main repo)

I try to do what was suggested in that question

https://community.atlassian.com/t5/Bitbucket-questions/self-hosted-runner-mount-ssh-key/qaq-p/1890134

but even if I try to create the ssh folder or the .ssh folder under

/tmp/<runner-id>

and copy the private key in, I still have

git@bitbucket.org: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.

I'm using runner image 1.323

If I run the same git clone command from linux I can clone the repo (I must be something with ssh key of the runner because the repo exists)

Could you help me please?

1 answer

0 votes
Patrik S Atlassian Team May 24, 2022

Hello @Daniele Cordioli ,

Thank you for reaching out to Atlassian Community.

In order for the SSH key to be available for the runner to use, you should add it to the Settings > Pipelines > SSH keys of the main repo (the one that owns the pipeline). The keys added to this section are automatically made available in the runner's container.

So, in order to clone a different repository in your pipelines you would have to do the following : 

In the repository that owns the pipeline

  1. Go to Settings > Pipelines > SSH keys
  2. In case you want Bitbucket to generate the keys for you, click on Generate Key. Otherwise, if you already have the keys, click on Use my own keys and paste both the private and public keys.

In the repository being cloned

  1. Go to Settings > General > Access keys
  2. Click on Add key, and paste the same public key you have configured in the repository that own the pipeline.

After completing the steps above, once you run your build again the key you have configured in the main repository will be made available to the runner container. Since you gave that key access to the repository being cloned by including it in the Access Keys, the clone should complete successfully.

You are also welcome to take a look at the following blog post which covers in more detail the same instructions I've shared above :

Hope that helps! Let me know in case you have any questions.

Thank you, @Daniele Cordioli 

Kind regards,

Patrik S

Hi Patrik and thanks for your prompt reply

I have done what you have suggested but it's not working using a self hosted runner on linux.

The runner in linux is not able to clone the repo

git@bitbucket.org: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Patrik S Atlassian Team May 26, 2022

Hello @Daniele Cordioli ,

I tested in my own instance and it worked successfully using runners.

That said, for testing porpoise, could you please try using the key generated by Bitbucket, instead of providing your own key? To do that, in the repo that owns the pipeline you need to go to Settings > Pipelines > SSH keys, delete any existing key pair, and use the Generate Key button. You will be provided with a new public key.

Copy this public key and paste it in the repo you are trying to clone, under Settings > General > Access keys.

Then you can try re-running your build and check if it works.

In case it still doesn't work, I'd ask you to use the command below in your pipeline for cloning, as it will provide more verbose logs : 

GIT_TRACE_PACKET=1 GIT_TRACE=1 GIT_SSH_COMMAND="ssh -vvv" git clone git@bitbucket.org:<workspace>/<repository>.git

Once you run the pipeline with the command above, please share us the full output (please hide any sensitive information from the logs).

Thank you, @Daniele Cordioli .

Kind regards,

Patrik S

Hi @Patrik S 

following your suggestion I generated the key and paste into the right repo and now it's working!

 

Thanks so much

Like Patrik S likes this

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events