I have a simple Flask app that waits for webhooks from my repository host. The webhook triggers a git.pull() of the latest revision from a predefined repository using gitpython. The gitpython code is something like:
import git
repo_dir = '/path/to/repo'
g = git.cmd.Git(repo_dir)
g.pull()
The app is started with a supervisor script as a user, admin, whose ssh id_rsa.pub public key is registered with the repository as a deployment key.
When logged in as the registered user, admin, the app can be started from the command line and can successfully pull from the private repository. When the app is started with supervisor, however, the git.pull() operation fails with a ssh auth error:
Permission denied (publickey).
fatal: Could not read from remote repository.
I can confirm the user launching the supervisor managed app is correct (admin). This indicates that the supervisor script is not using the default SSH key for the same user.
I have seen some reference to setting one of several environment variables, GIT_SSH_COMMAND or a legacy GIT_SSH. I have tried setting these values to both replacement ssh strings (ie GIT_SSH_COMMAND='ssh -i /path/to/key') and to executable files (ie GIT_SSH='/path/to/myssh'), but to no avail.
Has anyone encountered something like this? It's an unexpected problem, that I am having trouble debugging.
