Private repositories for packages

Since we are asking another query, hehe

I am trying to upload a private repository from github to upload a specific packet containing private keys and paths to an application that I cannot make public.

When trying to upload the SSH keys to Github it tells me that those keys have already been used in another account.

I imagine that this is because of something new that Github implements and for this reason it does not allow the key provided by Info-Beamer to be used for this purpose … is there any other way to solve it?

Thank you !

Yeah. Noticed that too. I’m not sure why it’s implemented in github this way (now?). The only reason I see is that you then know your key doesn’t allow access to anything else on github once you remove your public key. Bitbucket handles this differently and multiple users can add the same key.

Unfortunately there’s no workaround at the moment. I guess in the future there will be a “one public key per info-beamer account” feature added.

Ugh. I just realized that you cannot even add the same deploy key to different repositories within the same github account. Well, that’s odd[1]. And it complicates things quite a bit as that means you now need to manage multiple ssh keys per account. And that would require a completely new set of API calls. :-\

[1] I’m happy to learn why they think that’s a good idea. There is probably one. I’ve opened a ticket with github and will share any result.

Got a response from github:

It’s for security, if a private key is compromised, then only one repository is affected.

So there’s that. I guess that really means that support for private repositories on github means adding ssh key management to info-beamer. Hmpf.

Apparently the solution will be a bit more complex than usual.

It is not bad as many times it happens that a key needs to be shared and then, in case of loss, all the rest of the information would be compromised.

Although this leads to having to manage more keys, it assures us that if a key is made public, only it will be affected.

I think you could put a list of passwords at the user level and have each one handle its own … but hey, it’s daring of me and you are the one who really knows the complexity of this …

Just to tell you that the system has a very interesting potential, after a few days of testing I have only found some points to work on, but in general I like it a lot

Greetings

Now available: Custom SSH key support for git pulls from private repositories.

1 Like

I have not succeeded …

I have added the key in ‘Settings - Deploy keys’ of my repository and when executing the POST I get the following error.

{
     "error": "Cannot create package. Please try again later or get in contact if the problem persists"
}

Also I tried with other API options such as list, and even create an empty repository and that if I have managed to do it.

Any advice?

Which package source url did you try? Only ssh://git@github.com/something.git will use the SSH key. https based pulls do not use them for example.

Here I am testing …

I already tried with: HTTPS, SSH (git@github …)

None worked for me.

this is the error when trying to do it over HTTPS:

{
    "error": "Cannot update using git: git command run into an error. Make sure the repository url is correct and info-beamer hosted has access to the repository."
}

I am using Postman to be able to analyze the error. Do you use it? maybe you can pass me the file to import …

Thank you

Just to be sure: You’ve correctly specified the ssh_key_id=<whatever> argument to the /package/create POST request and the import url starts with ssh://git@github.com/<path>? If the ssh_key_id is missing, the default SSH key is used. If that’s not it, can you share the repository url by email (to hello@info-beamer.com), so I can look into the log to see what might be going on?

If that I have reviewed it … although it does not assure that you are not doing something wrong …

I send you mail so that you can see it.

@infobeamer-fw , I know this post is over a year old, but there was never any follow up to indicate if this problem was resolved.

I’m getting an error that ssh_key_id is not recognized.

My command:
curl -u:myapikey https://info-beamer.com/api/v1/package/create -d ‘source=ssh://git@github.com:myuser/mygit.git&ssh_key_id=93’

Response:
{“package_id”:29478,“package_page”:“https://info-beamer.com/package/29478”}‘ssh_key_id’ is not recognized as an internal or external command,
operable program or batch file.

An info-beamer default repo gets created after this. Was this functionality removed since Oct of 2020?

The feature is still there.

This smells like something in your curl command line is misquoted and your OS tries to run ssh_key_id as a local program that then doesn’t exist, hence the error message. See for example the following command line call for curl with missing quotes ( " ) around the url. The result on Linux is that the shell runs curl https://example.com/?a=1 in the background, as instructed by the ampersand, followed by immediately running same_program. The result looks like this:

[sandboxed] test@box:~$ curl https://example.com/?a=1&some_program
[1] 111
some_program: command not found
[sandboxed] test@box:~$ <!doctype html>
<html>
<head>
    <title>Example Domain</title>

How exactly do you invoke curl? Can you check is that might be the reason?

I invoke curl from a Windows command line. It was a quote issue. On Windows, apparently I need to use double quotes instead of single quotes.
Now I’m getting this error:

{“error”:“Cannot create package. Please try again later or get in contact if the problem persists”}

Which is the same error @michel was getting initially.

This most likely points to insufficient permission to actually pull the git repository or maybe a wrong url. The URL template for pulling via SSH is

ssh://git@example.com/user/repo.git

In your initial command line example you had a colon after the hostname. Can you try it with a slash? If that also doesn’t work, please get in contact by email and I might take a look into the logs to figure out why it doesn’t work.

It was the colon in the URL string. I just used what github said to use by using the copy option on the repo page. That works fine for me locally. Substituting a slash for the colon made info-beamer hosted happy and everything is working now.

Thank you for your help.