Helix TeamHub SSH

Tip

Use a bot account instead of personal credentials to store the SSH public key required for the GitConnector. (The web-service-user mentioned below).

The two options are:

  • Use a regular bot, and give it access to relevant projects and repositories on the team view
  • Use a company admin bot account, which has access to every repository inside the company

For more information, see Bots & programmatic repository access in the Helix TeamHub Help.

Important

The target repo must NOT already exist in Helix Core Server.

The source repo must not be empty.

  1. On the Git Connector server, log in as the root user.

  2. Create a .ssh directory:

    mkdir /var/www/.ssh

  3. Assign the owner of the directory to be the web-service-user:

    chown web-service-user:gconn-auth /var/www/.ssh

  4. Switch user from root to the web-service-user:

    Ubuntu CentOS
    su -s /bin/bash - www-data su -s /bin/bash - apache

    and generate the public and private SSH keys for the Git Connector instance:

    ssh-keygen -t rsa -b 4096 -C web-service-user@gitConnector.com

    then follow the prompts.

  5. Locate the public key:

    /var/www/.ssh/id_rsa.pub

  6. Copy this public key to the GitLab or GitHub server and add /var/www/.ssh/id_rsa.pub to the user account (helix-user) that performs clone and fetch for mirroring.
  7. Configure the webhook for mirroring:
    1. Set the environment variable GCONN_CONFIG to the absolute path to the gconn.conf file:

      export GCONN_CONFIG=/opt/perforce/git-connector/gconn.conf

    2. Add the web hook:

      gconn --mirrorhooks add graphDepotName/repoName git@HelixTeamHubServer/companyName/projects/projectName/repositories/gitrepoName

      where access-token:secret represents your personal access token for GitHub or GitLab.

    Tip

    Copy the URL from your project's SSH drop-down box.

  8. Save the secret token that the --mirrorhooks command generates.
  9. Tip

    The secret token is also stored in /opt/perforce/git-connector/repos/graphDepotName/repoName.git/.mirror.config

Mirror a repo over SSH

  1. Select Hooks, Add Hook, and select a repository from the drop-down.

  2. Select service WebHook from the drop-down
  3. Check the triggers that you want to launch a mirroring action
  4. Under Hook attributes:
    1. Paste the URL of the Git Connector into the URL text box: https://GitConnector.com/mirrorhooks
    2. Select content-type of json (application/json) from the drop-down.
    3. Paste the mirrorhook secret token in the Secret text box.
    4. Check the Insecure ssl checkbox because no certificate is associated with the webhook.
  5. Click Save hook.

  6. Validate that mirroring is in place by running the following command on the Git Connector:

    gconn --mirrorhooks list

    This displays the repositories that are mirrored and the Git Host. For example:

    gconn --mirrorhooks list
    //hth/repoName <<< http://HelixTeamHub.com/hth/projects/projectName/repositories/git/repoName.git ... 
    //hth/repoName2 <<< http://HelixTeamHub.com/hth/projects/projectName/repositories/git/repoName2.git ... Not mirrored by this Gconn instance ( no mirror config )

Troubleshooting

If there are any issues, review the following files, or send them to Perforce Technical Support:

Helix TeamHub log at /var/log/hth/resque/current

and from the Git Connector:

/opt/perforce/git-connector/repos/graphDepot/repoName.git/.mirror.config
/opt/perforce/git-connector/repos/graphDepot/repoName.git/push_log
/opt/perforce/git-connector/repos/graphDepot/repoName.git/fetch_log
/opt/perforce/git-connector/repos/graphDepot/repoName.git/.mirror.log
/opt/perforce/git-connector/gconn.conf
/opt/perforce/git-connector/logs/gconn.log
/opt/perforce/git-connector/logs/p4gc.log