GitPython and SSH Keys?
Solution 1
Please note that all of the following will only work in GitPython v0.3.6 or newer.
You can use the GIT_SSH
environment variable to provide an executable to git which will call ssh
in its place. That way, you can use any kind of ssh key whenever git tries to connect.
This works either per call using a context manager ...
ssh_executable = os.path.join(rw_dir, 'my_ssh_executable.sh')
with repo.git.custom_environment(GIT_SSH=ssh_executable):
repo.remotes.origin.fetch()
... or more persistently using the set_environment(...)
method of the Git
object of your repository:
old_env = repo.git.update_environment(GIT_SSH=ssh_executable)
# If needed, restore the old environment later
repo.git.update_environment(**old_env)
As you can set any amount of environment variables, you can use some to pass information along to your ssh-script to help it pick the desired ssh key for you.
More information about the becoming of this feature (new in GitPython v0.3.6) you will find in the respective issue.
Solution 2
Following worked for me on gitpython==2.1.1
import os
from git import Repo
from git import Git
git_ssh_identity_file = os.path.expanduser('~/.ssh/id_rsa')
git_ssh_cmd = 'ssh -i %s' % git_ssh_identity_file
with Git().custom_environment(GIT_SSH_COMMAND=git_ssh_cmd):
Repo.clone_from('git@....', '/path', branch='my-branch')
Solution 3
I'm on GitPython==3.0.5 and the below worked for me.
from git import Repo
from git import Git
git_ssh_identity_file = os.path.join(os.getcwd(),'ssh_key.key')
git_ssh_cmd = 'ssh -i %s' % git_ssh_identity_file
Repo.clone_from(repo_url, os.path.join(os.getcwd(), repo_name),env=dict(GIT_SSH_COMMAND=git_ssh_cmd))
Using repo.git.custom_environment to set the GIT_SSH_COMMAND won't work for the clone_from function. Reference: https://github.com/gitpython-developers/GitPython/issues/339
Solution 4
In case of a clone_from
in GitPython, the answer by Vijay doesn't work. It sets the git ssh command in a new Git()
instance but then instantiates a separate Repo
call. What does work is using the env
argument of clone_from
, as I learned from here:
Repo.clone_from(url, repo_dir, env={"GIT_SSH_COMMAND": 'ssh -i /PATH/TO/KEY'})
Solution 5
I've found this to make things a bit more like the way git works in the shell by itself.
import os
from git import Git, Repo
global_git = Git()
global_git.update_environment(
**{ k: os.environ[k] for k in os.environ if k.startswith('SSH') }
)
It basically is copying the SSH environment variables to GitPython's "shadow" environment. It then uses the common SSH-AGENT authentication mechanisms so you don't have to worry about specifying exactly which key it is.
For a quicker alternative which carries probably a lot of cruft with it, but it works too:
import os
from git import Git
global_git = Git()
global_git.update_environment(**os.environ)
That mirrors your entire environment, more like the way a subshell works in bash.
Either way, any future call to create a repo or clone picks up the 'adjusted' environment and does the standard git authentication.
No shim scripts necessary.
Related videos on Youtube
andreihondrari
I'm a freelance full-stack software engineer. I've been coding for quite a while and I enjoy helping others out! Feel free to email me for anything at: [email protected].
Updated on April 07, 2021Comments
-
andreihondrari about 3 years
How can I use GitPython along with specific SSH Keys?
The documentation isn't very thorough on that subject. The only thing I've tried so far is
Repo(path)
. -
Rob Wilkerson over 9 yearsHave to admit that I'm struggling with this as well. I'd really rather not write a custom SSH script. Is there any way to just identify the key to use? I'm new-ish to Python and the tutorial/API just aren't quite getting me where I need to be to get this working. Thanks.
-
Byron over 9 yearsTurns out, starting with git 2.3, this is pretty much built-in. Using the new GIT_SSH_COMMAND, you can specify the ssh -i ... command now directly, rather than relying on an external script.
-
Rob Wilkerson over 9 yearsThanks. The following isn't working for me. What am I missing (formatting sucks in comments, but hopefully you get the idea)?
with git_project.git.custom_environment(GIT_SSH_COMMAND='ssh -i ~/.ssh/id_rsa [email protected]'): git_project.remotes.origin.push(git_project.heads.master)
. If I add the-T
option and execute from the command line, I logged in as expected. Formatting issue in my Python code? -
Rob Wilkerson over 9 yearsNote that I added the
[email protected]
after an attempt without it also failed. Desperation trial & error, I guess. :-) -
Byron over 9 yearsUnfortunately I lack personal experience with these environment variables. Maybe it's worth adding a new question that is specific to your particular problem.
-
jonny over 9 yearsYou also shouldn't have to supply the hostname, so try omitting the
[email protected]
. -
Ben DeMott over 7 yearsWhat is the variable 'git' in this example?
-
Vijay Katam over 7 yearsYou mean git@? That is the repo url, for example [email protected]:django/django.git
-
Ben DeMott over 7 yearsThe line
with git.custom_environment(GIT_SSH_COMMAND=git_ssh_cmd):
... what is git ? There is no variable or import that defines git in your code snippet. -
ozn over 5 yearsThis doesn't seem to work for me. I don't know but I think its having issue with adding the private key in the "os.path.expanduser(...)" step. Is there anyway i can verify the add is successful?
-
Anentropic over 5 yearsI don't understand what to do here... where do I put the path to my ssh key?
-
Shadi almost 5 yearsThis doesn't work in the case of
clone_from
. Check my answer below for a working version. -
lukik over 4 yearsSource in GitPython docs. Handling Remotes. At least as at GitPython==3.0.2
-
3lokh over 4 yearsgithub.com/gitpython-developers/GitPython/issues/339. This the GIT_SSH_COMMAND configt won't work for the clone_from() function.
-
ZKDev over 4 yearsThis approach doesn't work for me. Any updates on this?
-
Shadi over 4 yearsWhat did you try?
-
user26742873 over 3 years@ozn
os.path.expanduser(...)
returns a filename, a string.add
- no, GitPython just passed it as argument to git executable. -
Joe over 2 years
clone_from
now has the keywordenv
to pass the environment: Repo.clone_from(url, dst_path, branch=branch, env=dict(GIT_SSH_COMMAND=ssh_cmd))