10

I have a private bitbucket repo that is connected to the Azure DevOps Build Pipeline. The private repo has a submodule connected to a public Github repo.

Both repositories are accessed via SSH.

I have ticked the clone submodules box in DevOps.

How do I provide an SSH key to Azure DevOps so it will clone the submodule?

Arsen Khachaturyan
  • 7,904
  • 4
  • 42
  • 42
Dean Marcussen
  • 597
  • 4
  • 15

2 Answers2

13

The solution for this was not to change to https, or setup a self hosted agent.

There is a step available called Load an SSH key.

I created a new ssh key on github, added the Load SSH Key step to the VSTS tasks.

It runs before the Checkout task (despite appearing in the queue afterwards) and loads the required ssh key on the agent

Dean Marcussen
  • 597
  • 4
  • 15
1

It's unnecessary to provider SSH Key to Azure DevOps, you just need to modify the .gitmodules file in the private bitbucket repo to specify the submodule github repo URL with HTTP protocol.

Such as modify the .gitmodules file as:

[submodule "myrepo"]
    path = myrepo
    url = https://github.com/username/myrepo.git

Now, when you queue the build again, it will download the submodule repo successful in Get sources (checkout) step.

While for the reason why it mainly build failed at Get sources step, it's caused the build agent does not have the SSH key which matches in Github, when get the soubmodule sources. So if you do not want to modify .gitmodules file with HTTP protocol, you should to queue the build which the self-hosted agent which contains the ssk public key you specified in GitHub.

Detail steps to setup a self-hosted agent as below:

  1. Create and copy a PAT in the page https://account.visualstudio.com/_usersSettings/tokens for later use. If you already have PAT, then skip this step.

  2. Download agent

    In Agent pools page (https://account.visualstudio.com/_settings/agentpools) -> download agent to the local machine where GitHub repo SSH locates -> unzip in a directory.

    enter image description here

  3. Setup self-hosted agent

    In the unzipped directory -> open PowerShell as Administrator -> execute ./config.cmd -> enter URL, PAT, agent pool (such as Default agent pool) etc as it hints.

    After configuration -> if the agent is offline line -> execute ./run.cmd in the PowerShell window to make sure the agent state is Online.

    enter image description here

Now you can queue build with your self-hosted agent.

Marina Liu
  • 36,876
  • 5
  • 61
  • 74
  • The problem with updating the .gitmodules to use https is that I then need to use https to communicate with the github repo, which if I want to push changes to that repo means putting a user name and password into the gitmodules / or sourcetree. Ssh resolves this issue, and is the preferred way of accessing git repositories. I would like to be able to add the SSH key to the build agent, but I don't understand how I would do that with the self hosted agent from the link provided? – Dean Marcussen Sep 15 '18 at 06:37
  • 1
    @DeanMarcussen I updated my answer detail detail steps to setup a self-hosted agent, you can have a try. Besides, using http protocol, you can also integrate the username and password in the repo URL (`https://username:password@github.com/myrepo.git`), so that it won't be interrupted with the communication window. – Marina Liu Sep 15 '18 at 07:03
  • 2
    This didn't really sound like a solution for the question - going to http and including user names and passwords inside a git repo seems a very backward step. Nor do I want to run a self hosted agent - again defeats the purpose of VSTS. I did however discover a step that would load an ssh agent so that resolves it for me – Dean Marcussen Sep 15 '18 at 16:35
  • @DeanMarcussen since your problem has been solved, you can mark your own answer. And it will also benefit others who meet similar questions. – Marina Liu Sep 17 '18 at 08:12