You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I like the automatic and out-of-box support for SSH host key verification of GitHub and Bitbucket attempted in #86.
However, that isn't a generic solution as:
It doesn't support other git hosts like e.g. GitHub Enterprise
It is vulnerable to future changes in the host keys
Instead, how about making it configurable via project's values.yaml like the below?
# OPTIONAL: Set to whatever content you like to have for .ssh/known_hosts on worker nodes# The below example was generated by running `ssh-keyscan -H github.com`# When omitted, ssh host key verification is disabled(this is the previous behavior)sshKnownHosts: | # github.com:22 SSH-2.0-libssh_0.7.0 # github.com:22 SSH-2.0-libssh_0.7.0 |1|a62YvGNxzDMqnXWOroqxhzaSflk=|yqCMdMiP53NP+vwrOATvJMvipTw= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== # github.com:22 SSH-2.0-libssh_0.7.0
The text was updated successfully, but these errors were encountered:
Alternatively, we could go further with a much richer configuration API.
An example would be something like below, which we can see in an another CI system.
I like the automatic and out-of-box support for SSH host key verification of GitHub and Bitbucket attempted in #86.
However, that isn't a generic solution as:
Instead, how about making it configurable via project's values.yaml like the below?
The text was updated successfully, but these errors were encountered: