Search code examples
gitdockergit-lfs

In Docker, git-lfs giving error: credentials for https://github.... not found

I am trying to pull large files into a Docker container from git using git-lfs. Unfortunately, I keep getting the error:

...

 ---> f07e7087dc5a
Step 13/16 : RUN git lfs pull
 ---> Running in a387e389eebd
batch response: Git credentials for https://github.XXXX.edu/XXXXX/XXXXXXXXX.git not found.
error: failed to fetch some objects from 'https://github.XXXX.edu/XXXXX/XXXXXXXXX.git/info/lfs'
The command '/bin/sh -c git lfs pull' returned a non-zero code: 2

Any idea how to fix this and get my files pulled correctly and error-free? I am running the following in Docker to try to get git-lfs to work:

# Get git-lfs and pull down the large files
RUN apt-get update && apt-get install -y apt-utils && apt-get install -y curl
RUN curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash
RUN apt-get install -y git-lfs
RUN git lfs install
RUN git lfs pull

I add my .gitattributes file and .git file to the Docker image as well.

EDIT: Can I maybe somehow use:

https://you:password@github.com/you/example.git

or

git config remote.origin.url https://you:password@github.com/you/example.git
Solution

  • May be I can use https://you:password@github.com/you/example.git:

    That is a bad practice, as anyone doing a docker image history on your built image would get those credentials back.

    It is better to do a multi-stage build, as described in "Access Private Repositories from Your Dockerfile Without Leaving Behind Your SSH Keys".

    It uses an SSH key instead of username/password because:

    • you can generate and register an SSH key dedicated for your docker build.
    • you can revoke that key at any time, since it is used only for this docker build (as opposed to a credential password you cannot easily change without impacting possibly other scripts using said password)

    Your Dockerfile would look like:

    # this is our first build stage, it will not persist in the final image
FROM ubuntu as intermediate

# install git
RUN apt-get update
RUN apt-get install -y git

# add credentials on build
ARG SSH_PRIVATE_KEY
RUN mkdir /root/.ssh/
RUN echo "${SSH_PRIVATE_KEY}" > /root/.ssh/id_rsa

# make sure your domain is accepted
RUN touch /root/.ssh/known_hosts
RUN ssh-keyscan bitbucket.org >> /root/.ssh/known_hosts

RUN git clone git@bitbucket.org:your-user/your-repo.git

FROM ubuntu
# copy the repository form the previous image
COPY --from=intermediate /your-repo /srv/your-repo
# ... actually use the repo :)

    Warning, March 2023, regarding github.com SSH access:

    "GitHub has updated its RSA SSH host key"