GitGetter.setupGitEnv() breaks sshCommand config attribute

[nl-brett-stime]

Context:
Recent versions of git (>= v2.10) support setting an SSH command via .gitconfig files. E.g., https://stackoverflow.com/a/38474137/93345 .

This is particularly useful when coupled with another somewhat recent feature of conditional config imports e.g., https://stackoverflow.com/a/36296990/93345 .

Problem:
The setupGitEnv() function in get_git.go specifies a GIT_SSH_COMMAND environment variable, even when an ssh key file is not explicitly set in the git repo URL via the sshkey query parameter.

When there is no query parameter for sshkey, the GIT_SSH_COMMAND environment variable should be left unset. Presently, it ends up being set to GIT_SSH_COMMAND=ssh, which breaks configuration via .gitconfig files.

[nl-brett-stime]

Link to function at issue:

go-getter/get_git.go

Lines 239 to 273 in f9b50dd

	// setupGitEnv sets up the environment for the given command. This is used to
	// pass configuration data to git and ssh and enables advanced cloning methods.
	func setupGitEnv(cmd *exec.Cmd, sshKeyFile string) {
	const gitSSHCommand = "GIT_SSH_COMMAND="
	var sshCmd []string
	// If we have an existing GIT_SSH_COMMAND, we need to append our options.
	// We will also remove our old entry to make sure the behavior is the same
	// with versions of Go < 1.9.
	env := os.Environ()
	for i, v := range env {
	if strings.HasPrefix(v, gitSSHCommand) && len(v) > len(gitSSHCommand) {
	sshCmd = []string{v}
	env[i], env[len(env)-1] = env[len(env)-1], env[i]
	env = env[:len(env)-1]
	break
	}
	}
	if len(sshCmd) == 0 {
	sshCmd = []string{gitSSHCommand + "ssh"}
	}
	if sshKeyFile != "" {
	// We have an SSH key temp file configured, tell ssh about this.
	if runtime.GOOS == "windows" {
	sshKeyFile = strings.Replace(sshKeyFile, `\`, `/`, -1)
	}
	sshCmd = append(sshCmd, "-i", sshKeyFile)
	}
	env = append(env, strings.Join(sshCmd, " "))
	cmd.Env = env
	}

[msmans]

It's disappointing that #300 has been open for years now :( Meanwhile, I managed to come up with a workaround using a conditional GIT_SSH_COMMAND env var. I used to have:

# ~/.gitconfig
[includeIf "gitdir:~/work/"]
  path = ~/work/.gitconfig

# ~/work/.gitconfig
[core]
  sshCommand = "ssh -i ~/.ssh/id_work_ed25519 -o IdentitiesOnly=yes"

It's now replaced by the following in my ~/.bashrc to work around this issue:

export GIT_SSH_COMMAND='ssh $(
  if [[ "$(pwd)" == "$HOME"/work* ]]; then
    echo "-i ~/.ssh/id_work_ed25519 -o IdentitiesOnly=yes"
  fi
)'

[raffraffraff]

Thanks @msmans - it's horrible to ask everyone in the team to do this. In my case, I'm working around it for my work identity simply by making it the default one in ~/.ssh/config:

IdentityFile /home/myuser/.ssh/work_key

This fixes terraform init in work, and I can swap around my .gitconfig overrides to match.

[soar]

Why is this issue closed, if the problem still exists?

[crw]

@soar There have been multiple closed PRs on this issue since the original report. At this point it would be more useful to open a new issue describing the symptoms you are seeing and the use case, if you are experiencing problems with the given functionality. Thanks!

[soar]

My apologies. I just realized, that it works with the newest Terraform. Thank you a lot!