10
votes

I have a private bitbucket repo that is connected to the Azure DevOps Build Pipeline. The private repo has a submodule connected to a public Github repo.

Both repositories are accessed via SSH.

I have ticked the clone submodules box in DevOps.

How do I provide an SSH key to Azure DevOps so it will clone the submodule?

2

2 Answers

13
votes

The solution for this was not to change to https, or setup a self hosted agent.

There is a step available called Load an SSH key.

I created a new ssh key on github, added the Load SSH Key step to the VSTS tasks.

It runs before the Checkout task (despite appearing in the queue afterwards) and loads the required ssh key on the agent

1
votes

It's unnecessary to provider SSH Key to Azure DevOps, you just need to modify the .gitmodules file in the private bitbucket repo to specify the submodule github repo URL with HTTP protocol.

Such as modify the .gitmodules file as:

[submodule "myrepo"]
    path = myrepo
    url = https://github.com/username/myrepo.git

Now, when you queue the build again, it will download the submodule repo successful in Get sources (checkout) step.

While for the reason why it mainly build failed at Get sources step, it's caused the build agent does not have the SSH key which matches in Github, when get the soubmodule sources. So if you do not want to modify .gitmodules file with HTTP protocol, you should to queue the build which the self-hosted agent which contains the ssk public key you specified in GitHub.

Detail steps to setup a self-hosted agent as below:

  1. Create and copy a PAT in the page https://account.visualstudio.com/_usersSettings/tokens for later use. If you already have PAT, then skip this step.
  2. Download agent

    In Agent pools page (https://account.visualstudio.com/_settings/agentpools) -> download agent to the local machine where GitHub repo SSH locates -> unzip in a directory.

    enter image description here

  3. Setup self-hosted agent

    In the unzipped directory -> open PowerShell as Administrator -> execute ./config.cmd -> enter URL, PAT, agent pool (such as Default agent pool) etc as it hints.

    After configuration -> if the agent is offline line -> execute ./run.cmd in the PowerShell window to make sure the agent state is Online.

    enter image description here

Now you can queue build with your self-hosted agent.