Open pikajude opened 1 year ago
FWIW GitHub and GitLab require SSH public key to be associated with an account, yikes. I’d assume that other Git hosts have the same behavior, so that’s likely the reason why clone over SSH is not supported out-of-the-box.
As a workaround, it’s possible to instruct Git to rewrite SSH clone URLs to HTTPS.
(fetchFromGitHub {
owner = "…";
repo = "…";
rev = "…";
hash = "…";
fetchSubmodules = true;
}).overrideAttrs (_: {
GIT_CONFIG_COUNT = 1;
GIT_CONFIG_KEY_0 = "url.https://github.com/.insteadOf";
GIT_CONFIG_VALUE_0 = "git@github.com:";
})
cc @gou4shi1 as you’ve also stumbled on this issue recently 🥲
Edit: as mentioned below, this workaround is for Git repositories with submodules that use SSH instead of HTTPS on GitHub/GitLab. It will not work for private repositories.
@tie It doesn't work for private repository.
I am able to fetch private repository using ssh:
fetchGit {
url = "ssh://git@github.com/user/example.git";
rev = "?";
ref = "?"; #Branch name
};
Preconditions:
1) Your ssh keys to access the repository are available in ~/.ssh
2) ssh://git@github.com/user/example.git
must be there in your known hosts ~/.ssh/known_hosts
Just had exactly the same issue as OP. Using builtins.fetchGit
instead of pkgs.fetchgit
fixed it for me.
Encountered the same error while trying to package a Flutter project with pub2nix. If builtins.fetchGit
works, then should we try to change all instances of fetchgit
to that?
I think I'm also hitting the same issue when attempting to package a Rust-based tool that has an ssh://git@github.com URL in its Cargo.lock. Switch to https seems to have solved this for me for now.
This issue has been mentioned on NixOS Discourse. There might be relevant details there:
https://discourse.nixos.org/t/derivations-that-depend-on-git-submodules/48872/2
For those hitting this issue using rustPlatform.buildRustPackage
.
Using cargoLock.allowBuiltinFetchGit = true;
allows you to still use ssh and keep the repo private (the https solution won't work for private repos)
https://nixos.org/manual/nixpkgs/stable/#importing-a-cargo.lock-file
rustPlatform.buildRustPackage {
cargoLock = {
lockFile = ./Cargo.lock;
allowBuiltinFetchGit = true;
};
}
Describe the bug
See title.
Steps To Reproduce
Expected behavior
Nix should be able to fetch the repo.
Additional context
I'm using an SSH url because the repo I'm trying to fetch is private, but this error appears to be reproducible with any SSH url pointing anywhere.
Metadata