Search code examples
flutterbitbucketssh-keyscircleci

CircleCI failing to access private repository

We have a Flutter app which uses a private repository as a dependency.

The SSH key has been added to CircleCI, and the remote access to the repository works just fine locally using this same key.

The config has been added to the .circleci/config.yml:

- add_ssh_keys:
  fingerprints:
    - "84:1a:so:me:ke:y:14:31:0f"

But CircleCI keeps failing to access the private dependency repo , giving the following error:

" Running "flutter pub get" in project... Git error. Command: git clone --mirror git@bitbucket.org:our_account/priv_repo.git /home/circleci/development/flutter/.pub-cache/git/cache/priv_repo-3456accd54b38ec5b3820944f77e90ce2ddc9887 stdout: stderr: Cloning into bare repository '/home/circleci/development/flutter/.pub-cache/git/cache/priv_repo-3456accd54b38ec5b3820944f77e90ce2ddc9887'... Warning: Permanently added the RSA host key for IP address '18.205.93.1' to the list of known hosts. Unauthorized fatal: Could not read from remote repository.

Please make sure you have the correct access rights and the repository exists. exit code: 128 "

Has anyone successfully created a CircleCI deployment which includes a private repo dependency?
What might possibly be missing to cause this issue?

Solution

  • OK - there were a couple of things I had wrong,

    The main one was that I had the add_ssh_keys line in the wrong place.
    It really needs to be the first step, or at least be before the flutter/install_sdk_and_pub step.

    eg. This works (but if the add_ssh_keys step was at the bottom of the list of 4 steps here then it fails):

        steps:

      - add_ssh_keys:
          fingerprints:
            - "84:1a:so:me:ke:y:14:31:0f"

      - checkout
      - aws-cli/setup:
          profile-name: example
      - flutter/install_sdk_and_pub:
          flutter_version: 2.5.3

    In addition to that it is worth noting that I added my SSH key as an "Additional SSH Keys" type key (adding a "User Key" broke the deploy) (that is under Project Settings > SSH Keys),
    and I set the Hostname for the key to "bitbucket.org".

    So CircleCI is now successfully pulling in my private repo dependency.
    It is failing on versioning mismatch stuff, but that is another issue, and shall be solved at another time.