Configuring Go CD for passwordless ssh clone from GitHub

I recently installed Go CD to do some CI/CD proof of concept work. ( Go CD is a continuous delivery server based on pipelines of work to be accomplished. It integrates with several CRM systems, including GitHub.

After the install, I was prompted by the Go CD GUI to create my first pipeline. Each pipeline has 3 main parts:

  • Basic Settings
  • Materials
  • Stage/Job

Basic settings are simple: Name of the pipeline and the pipeline group it belongs to. It is in the setting up of the Materials that I ran into trouble.

The Materials page requires 3 pieces of information:

  • Material Type (GitHub)
  • URL (SSH clone URL)
  • Branch (master by default)

When I clicked “Check Connection”, I received the following error:

--- ERROR ---
STDERR: Permission denied (publickey).
STDERR: fatal: Could not read from remote repository.
STDERR: Please make sure you have the correct access rights
STDERR: and the repository exists.

The problem is that Go CD Server runs as the “go” user on my Go CD master and slaves. I needed to add the “go” user’s public ssh key for each server (master and all slaves) to GitHub as a Deploy Key.

On each server (master and slaves), I did the following:

  • Login to the server using ssh
  • Change to the “go” user via ‘sudo su go’
  • Create the “go” user’s public key via ‘ssh-keygen’. I went with default path and file name (‘/var/go/.ssh/id_rsa’) and gave no passphrase.
  • Copied the contents of ‘/var/go/.ssh/’ to GitHub as a new Deploy Key.

On each server (master and slaves), I tested the connection by executing a command-line git clone. In each case, I was prompted to permanently add the GitHub server to my list of known hosts.

Once this was complete, “Check Connection” passed with “OK”.