当子模块是私有 Github 存储库时 git 子模块的问题 [英] Problems with git submodules when submodules are private Github repos

问题描述

我在 Github 上有一个私人仓库，里面有 3 个子模块，其中 3 个也是私有的.

I have a private repo on Github that houses 3 submodules, all 3 of which are also private.

我在我的 EC2 服务器上生成了 4 个 SSH 密钥，并将它们作为 Github 部署密钥应用于所有 4 个私有存储库.

I have generated 4 SSH keys on my EC2 server and applied them as Github deploy keys to all 4 private repositories.

我能够克隆主存储库，因为它可以识别 SSH 密钥.当我运行git submodule update"时，它在私有存储库上失败并出现以下错误:

I am able to clone the primary repository as it recognizes the SSH key. When I run "git submodule update" it fails on the private repos with the following error:

错误:未找到存储库.致命:远端意外挂断

ERROR: Repository not found. fatal: The remote end hung up unexpectedly

如果我手动检查那些私有存储库，它会起作用，但在使用 git submodule 命令时不起作用.任何的想法?这不是完全支持吗?

If I manually check out those private repos it works, but not when using the git submodule command. Any idea? Is this not fully supported?

推荐答案

github 的认证有点奇怪.他们不使用用户名；他们只是根据您提供的公钥来推断您是哪个用户.由于您生成了四个部署密钥，任何人都无法猜测您的服务器在连接到 github 时会使用哪个 - github 将接受其中任何一个，然后拒绝对未注册该密钥的存储库的任何访问.

github's authentication is a bit odd. They don't use usernames; they just infer based on the public key you presented which user you are. Since you generated four deploy keys, it's anyone's guess which one will be used by your server when it connects to github - github will accept any of them, then reject any access to repositories that don't have that key registered.

因此，最简单的解决方案是仅对所有存储库使用一个部署密钥.

As such, the simplest solution is to just use a single deploy key for all of the repositories.

如果你不能，但是，你可以使用 ssh 主机别名来解决这个问题.添加到您服务器的 ~/.ssh/config 节，如下所示:

If you can't, however, you can hack around this using ssh host aliases. Add to your server's ~/.ssh/config stanzas like the following:

Host repo-foo
  HostName  ssh.github.com
  Port 443
  User git
  IdentityFile /path/to/my-ssh-key-file-for-foo
  IdentitiesOnly yes

Host repo-bar
  HostName ssh.github.com
  Port 443
  User git
  IdentityFile /path/to/my-ssh-key-file-for-bar
  IdentitiesOnly yes

然后将您的子模块指向 repo-bar:username/bar.git 和 repo-foo:username/foo.git 而不是使用 git@github.com:... 表单.

Then point your submodules at repo-bar:username/bar.git and repo-foo:username/foo.git rather than using the git@github.com:... form.

这将有效地导致 git 和 ssh 将每个存储库视为存在于不同的服务器上，并传入一个明确的身份文件，因此不会混淆使用什么密钥.

This will effectively cause git and ssh to treat each repository as living on a different server, and pass in an explicit identity file, so there is no confusion over what key to use.

这篇关于当子模块是私有 Github 存储库时 git 子模块的问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！