Cargo dependency on private git repo

I have a dependency in my Cargo.toml of the form git = "ssh://git@bitbucket.org/company/project.git". This is a private repository. Cargo fails to download it with the following error:

Caused by:
  failed to authenticate when downloading repository
attempted ssh-agent authentication, but none of the usernames `git` succeeded

I've seen several long-open issues on the topic (1, 2). I understand that cargo isn't looking at my ~/.ssh/config file, which is why it's not using my SSH key for bitbucket.

How have folks who are using Rust at work dealt with depending on internal libraries?

2 Likes

I use path = "../library" and check them out myself (or using git submodules).

I've been using path = "../library" so far. Submodules come along with their own set of challenges, which I'd like to avoid.

Have you ever used cargo-vendor? I haven't tried it, but it looks like it might fit my needs.

I looked into it, and I don't think cargo-vendor is what I'm looking for. It's specifically for crates.io dependencies, whereas I was hoping for the opposite - I wanted to develop with a path = "..." dependency to a repo that's separately checked out, and then use vendor to copy it into the project I'm working on.

At work we got the same setup, where private crates are loaded from a git repo. This works by using an ssh key and adding it to the ssh-agent cargo will than use that key to log in to the git repo.

To start the ssh-agent and load the keys the following commands are added tot the build:
eval ssh-agent
ssh-add

This works for me:

[dependencies]
subproject = { git = "ssh://git@github.com/your-organisation/your-projectname.git" }
6 Likes