Update Git bridge to be user independant

georgina · 2018-09-21 02:44:34 UTC

**Matrix Version:**5.4.5

Hi,

We have a git file bridge setup to get design files from our local instance of GitLab.

There are exiting integrations on the project with urls like
https://user:[charstring]@squiz/designs/design-files?SQ_GIT_BRIDGE_ACTION=pull

testing the integration we get the response
{“action_type”:“pull”,“errors”:[“Error occurred when running git command “/usr/bin/git fetch”: GitLab: Your account has been blocked., fatal: The remote end hung up unexpectedly”],“success”:false}.

One of the user accounts of the project is blocked but this account it is not the same user as in the integration url.
The user account that is blocked but unfortunately this user has left.

We would like to modify the git bridge to not be dependent on a user account.

I’ve tried following the example at https://matrix.squiz.net/tutorials/2018/how-to-set-up-a-git-bridge#creating-the-git-file-bridge-asset.

But the key has already been added to GitLab and I don’t know how to find it in the list of existing IDs. I suspect that this key is in the blocked user account.

Any ideas?

Thanks Georgina.

dschoen · 2018-09-21 02:59:52 UTC

Hi Georgina,

Unfortunately at the moment you either need to find someone who has access to the existing deploy key (or get a GitLab admin to find it) and grant it access to the repo you are attempting to access or change the Matrix instances global key. From a GitLab’s perspective, deploy keys are user independent.

To resolve issues with GitLab and GitHub making it unreasonably hard to use the same key on multiple repository deploy keys we are intending to allow multiple keys in a single Matrix instance but that’s not yet actioned - https://squizmap.squiz.net/matrix/11909 .

Cheers,
Dave

dschoen · 2018-09-21 03:01:36 UTC

Oh and if you’re truly stuck a read only repository deploy token isn’t a terrible option with GitLab: https://docs.gitlab.com/ee/user/project/deploy_tokens/#creating-a-deploy-token