3

I'd like to pip install a library from a private GitHub repository in a GitHub Actions job. I can install it on my computer just fine because I've configured GitHub to accept the SSH key. But how do I give an SSH key to a GitHub Actions runner?

On my computer, this works fine:

python -m pip install "git+ssh://[email protected]/ORG/LIBRARY.git@main#egg=SOMETHING&subdirectory=SOMETHING"
Collecting LIBRARY
  Cloning ssh://****@github.com/ORG/LIBRARY.git (to revision main) to /tmp/pip-install-_kw52ce5/LIBRARY_35c4fb5cf6a64e30914beaec4a768bd1
  Installing build dependencies ... done
...
Successfully built LIBRARY-0.1.1

I changed the name of the library, organization, and directories for privacy. Documentation for pip installations from GitHub repos are here.

I have tried this guide with this GitHub action with no luck. In GitHub Actions, I get this error message:

Step 15/20 : RUN pip install -r requirements.txt
 ---> Running in 5ece3eb6572e
  Collecting LIBRARY@ git+ssh://[email protected]/ORG/LIBRARY.git@main#egg=SOMETHING&subdirectory=SOMETHING
  Cloning ssh://****@github.com/ORG/LIBRARY.git (to revision main) to /tmp/pip-install-ohx86p2h/LIBRARY_2972ab1296ce45afa73bbb3c5a036bd1
  Running command git clone -q 'ssh://****@github.com/ORG/LIBRARY.git' /tmp/pip-install-ohx86p2h/LIBRARY_2972ab1296ce45afa73bbb3c5a036bd1
  Host key verification failed.
  fatal: Could not read from remote repository.

  Please make sure you have the correct access rights
  and the repository exists.

How do I give an SSH key to a GitHub Actions runner?

Improve this question
3
  • Not a complete solution but if you have your public SSH key for your runner (on a specified user account), did you look into adding it to your SSH key for your GitHub account? Commented Jul 22, 2021 at 15:17
  • Yeah I made the public SSH key a deploy key on the repository I'm trying to pip install from. Commented Jul 22, 2021 at 15:27
  • stackoverflow.com/… Commented Jul 22, 2021 at 19:48

1 Answer 1

Reset to default
3

I think the "Host key verification failed" points to an issue with the ~/.ssh/known_hosts file. Typically, the first time you connect to a host via ssh you are prompted with something similar to:

The authenticity of host 'domain.com (a.b.c.d)' can't be established.
RSA key fingerprint is XX:XX:...:XX.
Are you sure you want to continue connecting (yes/no)?

When you answer yes, the host key is automatically added to the known_hosts file. You can manually add the host key to the known_hosts file of the user that is running your Github Actions:

  1. Get the host key directly from a github admin or once logged into github.com (more secure - highly suggest).
  2. use ssh-keyscan -H github.com >> ~/.ssh/known_hosts
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.