Configure GitRepo with Private Key Authentication via Rancher UI
This document (000021559) is provided subject to the disclaimer at the end of this document.
Environment
Situation
Resolution
For private repositories, generate an SSH key pair in PEM format using the following command. Please note that the private key should not have a passphrase. It can be either an RSA or EC private key
ssh-keygen -t rsa -b 4096 -m pem -C "user@email.com"
Configure Github:
Now that you have the private and public key pair, add the public key to your Git repository. For example, adding the public key to GitHub is demonstrated below
Github >> Settings >> SSH and GPG keys >> Click button "New SSH key" >> Give Title >> Select the "Authentication Key" from drop down >> Add the public key in the text box >> "Add SSH key" to add it
Now you will be able to use the private key to authenticate to your Github private repository
Create Gitrepo in Rancher:
Go to the Rancher UI >> Continous Delivery >> GitRepos >> Add Repository
Enter a name and Repository URL. For example, in the case of github, the repo URL will be similar to git@github.com:username/repository.git. Enter the Branch name corresponding to the repo
In Github authentication drop-down, Select "Create a SSH Key Secret" and add your Private Key generated in the previous step. Private key alone is sufficient for authentication and you may keep the Public Key field blank.
If you already have a secret created using the kubectl command in either the fleet-local or fleet-default namespace on the local cluster, you can select that secret from the dropdown. If you prefer to create the secret manually via the command line, run the following command on the local cluster
kubectl create secret generic ssh-key -n fleet-default --from-file=ssh-privatekey=/file/to/private/key --type=kubernetes.io/ssh-auth
Note: If you want to create Gitrepo for local cluster, replace fleet-default with fleet-local
If you want to verify the identity of the GitHub when you establish an SSH connection, you can collect the SSH host key using the below command and add it to the secret
ssh-keyscan -H github.com
Get the host key line corresponding to ssh-rsa from previous command results and place it another file and create the secret as below
kubectl create secret generic ssh-key-known-host -n fleet-default --from-file=ssh-privatekey=/file/to/private/key --from-file=known_hosts=/file/to/known_hosts --type=kubernetes.io/ssh-auth
Fill in any remaining details, then click on 'Create' . The authentication to the GitHub private repository should be completed successfully
Status
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000021559
- Creation Date: 12-Sep-2024
- Modified Date:23-Sep-2024
-
- SUSE Rancher
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com