Fixes related to the PR

- back out changes to changing the git url
 - fix gid
 - ignore global ssh config option when specifying known hosts

Signed-off-by: Alex Couture-Beil <alex@earthly.dev>

client/llb/source.go

@@ -201,7 +201,7 @@ func Git(remote, ref string, opts ...GitOption) State {
 	url := ""
 
 	for _, prefix := range []string{
-		"http://", "https://", "git://",
+		"http://", "https://", "git://", "git@",
 	} {
 		if strings.HasPrefix(remote, prefix) {
 			url = strings.Split(remote, "#")[0]
@@ -247,8 +247,8 @@ func Git(remote, ref string, opts ...GitOption) State {
 		attrs[pb.AttrKnownSSHHosts] = gi.KnownSSHHosts
 		addCap(&gi.Constraints, pb.CapSourceGitKnownSSHHosts)
 	}
-	if gi.MountSSHSock {
-		attrs[pb.AttrMountSSHSock] = "true"
+	if gi.MountSSHSock != "" {
+		attrs[pb.AttrMountSSHSock] = gi.MountSSHSock
 		addCap(&gi.Constraints, pb.CapSourceGitMountSSHSock)
 	}
 
@@ -274,7 +274,7 @@ type GitInfo struct {
 	AuthHeaderSecret string
 	addAuthCap       bool
 	KnownSSHHosts    string
-	MountSSHSock     bool
+	MountSSHSock     string
 }
 
 func KeepGitDir() GitOption {
@@ -304,9 +304,9 @@ func KnownSSHHosts(key string) GitOption {
 	})
 }
 
-func MountSSHSock() GitOption {
+func MountSSHSock(sshID string) GitOption {
 	return gitOptionFunc(func(gi *GitInfo) {
-		gi.MountSSHSock = true
+		gi.MountSSHSock = sshID
 	})
 }
 

source/git/gitsource.go

@@ -238,8 +238,7 @@ func (gs *gitSourceHandler) getAuthToken(ctx context.Context, g session.Group) e
 	})
 }
 
-func (gs *gitSourceHandler) mountSSHAuthSock(ctx context.Context, g session.Group) (string, func() error, error) {
-	sshID := "default"
+func (gs *gitSourceHandler) mountSSHAuthSock(ctx context.Context, sshID string, g session.Group) (string, func() error, error) {
 	var caller session.Caller
 	err := gs.sm.Any(ctx, g, func(ctx context.Context, _ string, c session.Caller) error {
 		if err := sshforward.CheckSSHID(ctx, c, sshID); err != nil {
@@ -261,9 +260,9 @@ func (gs *gitSourceHandler) mountSSHAuthSock(ctx context.Context, g session.Grou
 		return "", nil, err
 	}
 
-	// best effor, default to root
+	// best effort, default to root
 	uid, _ := strconv.Atoi(usr.Uid)
-	gid, _ := strconv.Atoi(usr.Uid)
+	gid, _ := strconv.Atoi(usr.Gid)
 
 	sock, cleanup, err := sshforward.MountSSHSocket(ctx, caller, sshforward.SocketOpt{
 		ID:   sshID,
@@ -326,9 +325,9 @@ func (gs *gitSourceHandler) CacheKey(ctx context.Context, g session.Group, index
 	defer unmountGitDir()
 
 	var sock string
-	if gs.src.MountSSHSock {
+	if gs.src.MountSSHSock != "" {
 		var unmountSock func() error
-		sock, unmountSock, err = gs.mountSSHAuthSock(ctx, g)
+		sock, unmountSock, err = gs.mountSSHAuthSock(ctx, gs.src.MountSSHSock, g)
 		if err != nil {
 			return "", nil, false, err
 		}
@@ -404,9 +403,9 @@ func (gs *gitSourceHandler) Snapshot(ctx context.Context, g session.Group) (out
 	defer unmountGitDir()
 
 	var sock string
-	if gs.src.MountSSHSock {
+	if gs.src.MountSSHSock != "" {
 		var unmountSock func() error
-		sock, unmountSock, err = gs.mountSSHAuthSock(ctx, g)
+		sock, unmountSock, err = gs.mountSSHAuthSock(ctx, gs.src.MountSSHSock, g)
 		if err != nil {
 			return nil, err
 		}
@@ -598,7 +597,7 @@ func git(ctx context.Context, dir, sshAuthSock, knownHosts string, args ...strin
 			cmd.Env = append(cmd.Env, "SSH_AUTH_SOCK="+sshAuthSock)
 		}
 		if knownHosts != "" {
-			cmd.Env = append(cmd.Env, "GIT_SSH_COMMAND=ssh -o UserKnownHostsFile="+knownHosts)
+			cmd.Env = append(cmd.Env, "GIT_SSH_COMMAND=ssh -F /dev/null -o UserKnownHostsFile="+knownHosts)
 		}
 
 		// remote git commands spawn helper processes that inherit FDs and don't

source/gitidentifier.go

@@ -2,16 +2,11 @@ package source
 
 import (
 	"net/url"
-	"regexp"
 	"strings"
 
 	"github.com/pkg/errors"
 )
 
-// sshGitRegexp is used to detect if the git repo uses ssh
-// e.g. git@... or otheruser@nonstandardgithost.com:my/really/strange/repo.git
-var sshGitRegexp, _ = regexp.Compile("[a-z0-9_]+@[^/]+:.+")
-
 type GitIdentifier struct {
 	Remote           string
 	Ref              string
@@ -19,15 +14,19 @@ type GitIdentifier struct {
 	KeepGitDir       bool
 	AuthTokenSecret  string
 	AuthHeaderSecret string
-	MountSSHSock     bool
+	MountSSHSock     string
 	KnownSSHHosts    string
 }
 
 func NewGitIdentifier(remoteURL string) (*GitIdentifier, error) {
 	repo := GitIdentifier{}
 
+	if !isGitTransport(remoteURL) {
+		remoteURL = "https://" + remoteURL
+	}
+
 	var fragment string
-	if sshGitRegexp.MatchString(remoteURL) {
+	if strings.HasPrefix(remoteURL, "git@") {
 		// git@.. is not an URL, so cannot be parsed as URL
 		parts := strings.SplitN(remoteURL, "#", 2)
 
@@ -37,10 +36,6 @@ func NewGitIdentifier(remoteURL string) (*GitIdentifier, error) {
 		}
 		repo.Ref, repo.Subdir = getRefAndSubdir(fragment)
 	} else {
-		if !strings.HasPrefix(remoteURL, "http://") && !strings.HasPrefix(remoteURL, "https://") {
-			remoteURL = "https://" + remoteURL
-		}
-
 		u, err := url.Parse(remoteURL)
 		if err != nil {
 			return nil, err
@@ -60,6 +55,12 @@ func (i *GitIdentifier) ID() string {
 	return "git"
 }
 
+// isGitTransport returns true if the provided str is a git transport by inspecting
+// the prefix of the string for known protocols used in git.
+func isGitTransport(str string) bool {
+	return strings.HasPrefix(str, "http://") || strings.HasPrefix(str, "https://") || strings.HasPrefix(str, "git://") || strings.HasPrefix(str, "git@")
+}
+
 func getRefAndSubdir(fragment string) (ref string, subdir string) {
 	refAndDir := strings.SplitN(fragment, ":", 2)
 	ref = "master"

source/identifier.go

@@ -110,9 +110,7 @@ func FromLLB(op *pb.Op_Source, platform *pb.Platform) (Identifier, error) {
 			case pb.AttrKnownSSHHosts:
 				id.KnownSSHHosts = v
 			case pb.AttrMountSSHSock:
-				if v == "true" {
-					id.MountSSHSock = true
-				}
+				id.MountSSHSock = v
 			}
 		}
 	}