-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Document git ssh symlink requirement #2663
Conversation
docs/auth.md
Outdated
@@ -108,6 +108,12 @@ When the `Run` executes, before steps execute, a `~/.ssh/config` will be | |||
generated containing the key configured in the `Secret`. This key is then used | |||
to authenticate when retrieving any `PipelineResources`. | |||
|
|||
Note: SSH credentials can also be used when invoking vanilla `git` commands | |||
in your Task's Steps. However, you will first need to symlink `/tekton/home/.ssh` | |||
to `/root/.ssh` because `ssh` ignores the `$HOME` environment variable, which by |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
NIT: Perhaps instead of just /root/.ssh
we could say to your user .ssh
folder - e.g. /root/.ssh
when using root.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good call, I've updated to include that, and added a little more detail about why this is necessary. Also turned this change into its own section because the content spans multiple paragraphs.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for this!
/approve
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: afrittoli The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
When relying on creds-init to generate git ssh credentials a user will need to symlink from /tekton/home/.ssh to /root/.ssh if they're issuing `git` commands in a Step's script or image. This commit documents the need to symlink in auth.md.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the updates!
/lgtm
Changes
Adds documentation around #2638
When relying on creds-init to generate git ssh credentials
a user will need to symlink from /tekton/home/.ssh to /root/.ssh
if they're issuing
git
commands in a Step's script or image.This commit documents the need to symlink in auth.md.
Submitter Checklist
These are the criteria that every PR should meet, please check them off as you
review them:
See the contribution guide for more details.
Double check this list of stuff that's easy to miss:
cmd
dir, please updatethe release Task to build and release this image.
Reviewer Notes
If API changes are included, additive changes must be approved by at least two OWNERS and backwards incompatible changes must be approved by more than 50% of the OWNERS, and they must first be added in a backwards compatible way.