SSH agent requested but SSH_AUTH_SOCK not-specified

[whyvez]

Checklist:

• [x] I've searched in the docs and FAQ for my answer: https://bit.ly/argocd-faq.
• [x] I've included steps to reproduce the bug.
• [x] I've pasted the output of argocd version.
• [x] asked in slack argocd channel

Describe the bug

I am getting a SSH agent requested but SSH_AUTH_SOCK not-specified error every time I trigger a hard refresh from the ArgoCD UI. I only have one repo template credential configured, and the repo in question matches the template. The odd thing is that the refresh does work, and GitHub changes are pulled. I've deleted and recreated the template credentials but the problem persists. This seemed to have started around the time I added the new Github ed25519 to known hosts cm. I also tried restarting the repo-server, argo-server and argo-controller. I've seen many references to this issue in the repo but none seem to be what I am experiencing. Anybody know what I could do to silence this error?

To Reproduce

The issue seems environmental and would be hard to describe steps to reproduce. It did start happening after the GitHub ed25519 issue. At first, I added the known host manually to the ArgoCD known host ConfigMap, but after an ArgoCD update, I believe it was part of the update.

Expected behavior

No errors on hard refresh.

Screenshots

Version

argocd: v2.2.1+122ecef.dirty
  BuildDate: 2021-12-17T16:09:59Z
  GitCommit: 122ecefc3abfe8b691a08d9f3cecf9a170cc8c37
  GitTreeState: dirty
  GoVersion: go1.17.5
  Compiler: gc
  Platform: darwin/arm64

Logs

"time="2022-01-03T21:56:40Z" level=info msg="Normalized app spec: {\"status\":{\"conditions\":[{\"lastTransitionTime\":\"2022-01-03T21:56:40Z\",\"message\":\"rpc error: code = Unknown desc = error creating SSH agent: \\\"SSH agent requested but SSH_AUTH_SOCK not-specified\\\"\",\"type\":\"ComparisonError\"}]}}" application=iris-development"

[nicolastakashi]

Same here

[StephanSalas]

Same here!

[lud97x]

same in v2.2.2

[kgyovai]

same in v2.2.3

[mlerota]

I had the same error but when adding the application. Reinstalled everything, lost 10 hours, and then accidentally found out that I added the wrong repo :-). Added: argocd repo add ssh://AWS_SSH_KEY_ID@git-codecommit.eu-west-1.amazonaws.com/v1/repos/one-repo --ssh-private-key-path /path/to/id_rsa

And in the manifest was spec project: default source: repoURL: 'ssh://AWS_SSH_KEY_ID@git-codecommit.eu-west-1.amazonaws.com/v1/repos/other-repo'

It would be good that in error your have something meaningful like: "can't find repo-name"

[lud97x]

Same for me, after verification, the ssh repo url was wrong. I think the error shown by argocd in that case is misleading.

[whyvez]

I was able to solve my issue after seeing this issue: https://github.com/argoproj/argo-cd/issues/4358

Specifically: https://github.com/argoproj/argo-cd/issues/4358#issuecomment-1031983396

Looks like the update to 2.2.3 changes the application controller from a Deployment to a StatefulSet and the old deployment is never deleted.

I deleted the application-controller Deployment and all is well!

Thank you @jdmulloy !

[Orabig]

Same issue here, but with a different root cause :

• The repo was right
• I didn't upgrade argocd, thus I don't have the same issue than @whyvez

Long story short, I was trying to use Credential Templates for my github server (as documented here) but used the wrong API

My mistake was that I was trying to declare it with a secret like this :

apiVersion: v1
kind: Secret
metadata:
  name: my-repo
  namespace: argocd
  labels:
    argocd.argoproj.io/secret-type: repository
stringData:
  type: git
  url: ssh://git@...../
  sshPrivateKey: ....

But the correct syntax was :

apiVersion: v1
kind: Secret
metadata:
  name: my-repo
  namespace: argocd
  labels:
    argocd.argoproj.io/secret-type: repo-creds
stringData:
  type: git
  url: ssh://git@...../
  sshPrivateKey: ....

(Note the different "secret-type" annotation)

[timbuchinger]

I had the same error but when adding the application. Reinstalled everything, lost 10 hours, and then accidentally found out that I added the wrong repo :-). Added: argocd repo add ssh://AWS_SSH_KEY_ID@git-codecommit.eu-west-1.amazonaws.com/v1/repos/one-repo --ssh-private-key-path /path/to/id_rsa

And in the manifest was spec project: default source: repoURL: 'ssh://AWS_SSH_KEY_ID@git-codecommit.eu-west-1.amazonaws.com/v1/repos/other-repo'

It would be good that in error your have something meaningful like: "can't find repo-name"

This turned out to be my issue as well. Thanks for posting this, you saved me some time troubleshooting.

[qixiaobo]

Same here.

[stephanschielke]

A similar mistake here GIT+SSH vs HTTPs strings:

apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
spec:
  template:
    spec:
      source:
        repoURL: git@github.com:org/repo.git

vs

apiVersion: 'kubernetes-client.io/v1'
kind: ExternalSecret
spec:
  template:
    stringData:
      type: "git"
      url: "https://github.com/org/repo.git"

[ninja-]

same, I forgot I bootstrapped argocd by authenticating it to gitlab using an api token, and not the ssh key. so the fix is as simple to switch to a https url instead of git+ssh...

[mhvelplund]

I had the same error but when adding the application. Reinstalled everything, lost 10 hours, and then accidentally found out that I added the wrong repo :-). [SNIP] It would be good that in error your have something meaningful like: "can't find repo-name"

This ... I added the correct repo but set the branch to "feature/fix_cicd" instead of the actual source branch "feature/fix-cicd".

The repo showed up as successfully created, but application sync failed with a weird error, and the log had "SSH agent requested but SSH_AUTH_SOCK not-specified". Neither of which make any sense.

The correct error would be "can't find repo/branch combination" 😡