Git clone fail on jenkins

I attemp to clone the source code from git server through Jenkins and here is my steps.
OS: window 10
Jenkins: 2.365

  1. I program the git clone with python and verfy it can work normally.

import git
from git import Git
from git import Repo
git_ssh_cmd = ‘ssh -i C:/Users/ewu19/.ssh/id_rsa’
env={“GIT_SSH_COMMAND”: git_ssh_cmd})

  1. Launch the python in Jenkins build-in windows batch then build now

3 . the error outputs to console as below
Traceback (most recent call last):
File “C:_Doc\Python\”, line 6, in Repo.clone_from(“git_server”:UEFI/Platform/amd_genoa/uefi_genoa_tp_platform.git",
File “C:\Users\ewu19\AppData\Local\Programs\Python\Python310\lib\site-packages\git\repo\”, line 1148, in clone_from
return cls._clone(git, url, to_path, GitCmdObjectDB, progress, multi_options, **kwargs)
File “C:\Users\ewu19\AppData\Local\Programs\Python\Python310\lib\site-packages\git\repo\”, line 1086, in _clone
finalize_process(proc, stderr=stderr)
File “C:\Users\ewu19\AppData\Local\Programs\Python\Python310\lib\site-packages\git\”, line 386, in finalize_process
File “C:\Users\ewu19\AppData\Local\Programs\Python\Python310\lib\site-packages\git\”, line 502, in wait
raise GitCommandError(remove_password_if_present(self.args), status, errstr)
git.exc.GitCommandError: Cmd(‘git’) failed due to: exit code(128)
cmdline: git clone -v git_server:UEFI/Platform/amd_genoa/uefi_genoa_tp_platform.git C:/mytest/test
stderr: 'Cloning into ‘C:/mytest/test’…
Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

have any ideas for the problem, thanks for your help

Why are you cloning this way? It seems overkill instead of just using the cloning functionality in Jenkins itself.

You are settings env to something, but never using it before the clone command, so how will git be able to use the env? You are getting an error right in the output, so I would start there.

As @slide_o_mix said, that message is probably the key to what you need to change if you intend to perform the git clone from inside your Python script. You’re attempting to clone using the ssh protocol but the host key of the remote server is not known on the agent that is performing the git command.

The ~/.ssh/known_hosts file is the usual location where host keys are written for ssh based clone of repositories. On Windows, that would be in %HOMEDRIVE%%HOMEPATH%\.ssh\known_hosts .

your ideas is that I should include the know_hosts file in my python isn,t it?

Yes, since you’ve decided to take responsibility for the git clone in your Python script, I think you should also take responsibility for the configuration that will allow you to run the git clone.

one question , as I know if i attemp to clone from git, the id_rsa key pair(private/public) are necessary,
the known_host is recorded the git server’s pubkey in client on the first connecting to git server through .ssh, so is the known_host necessay or any method can ignore it?

I did clone from git server with Build-in clone of Jenkins, it can work normally clone my source code in the worksapce

But I still want to figure out why I can not use gitpython to clone dirrectly, lol just for analyze due to I am a rookie in Jenkins

If you’re taking responsibility for the git clone by calling command line git and by creating the correct private key file, I think you should also assure that the correct host key is in the known_hosts file.

Yes, sometimes the python program may run in an environment that has already configured a known_hosts file, but I would not want to depend on that.

Ephemeral agents may not be a thing you’re using now, but there will likely come a time in the future when you’ll want to run from an agent that exists only for the duration of the single job.

Thanks for your answer, I understood and will keep to study and find the solution out
thumbs up!