Home > database >  SSH keys not considered while using "eval" in shell
SSH keys not considered while using "eval" in shell

Time:07-06

I am trying to do a git clone in a shell script where the repo URL is evaluated dynamically. I have tried below in my script:

git clone 'git_repo_url' works fine

x='git_repo_url'; git clone $x works fine

I am using eval to dynamically create the repo URL, and echo $(eval xyz) gives the exact same repo URL as above i.e. 'git_repo_url'

  • However git clone $(eval xyz) fails with Permission denied (publickey) error.

  • Also, x=$(eval xyz) and git clone $x also fails Permission denied (publickey) error.

My SSH keys are configured in the default location ~/.ssh and also have ~/.ssh/config in place. I am unable to figure out what is going wrong here.

This is what I see with (set -x; git clone $(eval xyz))

git clone ''\''git_repo_url'\'''

So those quotes and slashes are causing the issue, but not sure why.

Why I am using eval

  1. The "git_repo_url" for various projects are exported as environment variables. The format of the environment variable is as follows:

    project_<project_name>_git='git_repo_url'

  2. <project_name> is passed as the first input parameter to the shell script that does the git clone

  3. So to form the environment variable, I am using eval:

    $(eval echo \$\{project_$1_git\})

CodePudding user response:

Rather than use eval to construct an echo of the value you want using the arbitrary-command-execution hammer, use bash's expansion-indirection option, it's simple, safe, efficient, ...:

urlname=project_${project_name}_git
git clone ${!urlname}
  • Related