I have a self-hosted instance of gitlab, and a container in proxmox (Linux runner 5.4.203-1-pve #1 SMP PVE 5.4.203-1 x86_64 x86_64 x86_64 GNU/Linux) I'd like to use as runner.
The self-hosted instance has disabled https acces to repositories (only ssh is allowed).
My pipeline fails with
Fetching changes with git depth set to 20...
Reinitialized existing Git repository in /home/gitlab-runner/builds/gryU5_uD/0/path/to/repo/.git/
remote: HTTP Basic: Access denied. The provided password or token is incorrect or your account has 2FA enabled and you must use a personal access token instead of a password. See http://gitlab.company.cz/help/topics/git/troubleshooting_git#error-on-git-fetch-http-basic-access-denied
fatal: Authentication failed for 'http://gitlab.company.cz/path/to/repo.git/'
The runner was created following the gitlab manual (in runneers->add runner).
Now this answer Gitlab Build Runner on Windows uses HTTP instead of SSH suggest I create a new user for the runner if I understand correctly (and add the ssh key to this user). I hope there is another solution.
EDIT: -> add
[[runners]]
...
clone_url = "ssh://git@gitlab.company.cz"
...
to /etc/gitlab-runner/config.toml, add the public key of the system as deploy key (and authorise it for the repo), create ~/.ssh/config with contents
Host gitlab.company.cz
Preferredauthentications publickey
IdentityFile ~/.ssh/id_rsa
StrictHostKeyChecking no
and I can manually clone the repo to the server. The pipeline still fails on permissions though... perhaps i am logged as root and I need to set this logged as user "gitlab-runner"? How do I achieve that?
Current pipeline output:
Getting source from Git repository
00:00
Fetching changes with git depth set to 20...
Initialized empty Git repository in /home/gitlab-runner/builds/gryU5_uD/0/path/to/repo/.git/
Created fresh repository.
Host key verification failed.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Edit2: Right, so of course the deploy key is useless. What you need to do is to edit the .ssh/config for the gitlab-runner user.
