GitHub SSH auth failure: You're using an RSA key with SHA-1, which is no longer allowed

[ishitatsuyuki]

Describe the bug
When cloning a GitHub repo with SSH auth, RSA private key, Waypoint fails with the following error:

Git clone failed: unknown error: ERROR: You're using an RSA key with SHA-1, which is no longer allowed. Please use a newer client or a different key type.

Output:

It looks like this is an issue with a dependency: go-git/go-git#411

Steps to Reproduce

1. Install Waypoint. My cluster is using Nomad.
2. Create a deploy key on GitHub (or use your personal SSH key). The key should use RSA (and not ECDSA).
3. Add a project from the web UI, fill in a repo and the SSH key then apply. My repo was private but a public repo should work too.

Expected behavior

git clone should succeed.

Waypoint Platform Versions

• Waypoint CLI Version: v0.9.1
• Waypoint Server Platform and Version: nomad v0.9.1
• Waypoint Plugin: N/A

[ishitatsuyuki]

Using an ECDSA key can workaround this. Kinda obvious but fwiw.

[briancain]

Hey there @ishitatsuyuki - This looks to be working as expected, and the error message seems descriptive enough to get you unblocked. SSH has also removed support for RSA SHA-1 keys, so at this time there isn't much that Waypoint can do for you with this issue. For now, I'm going to go ahead and close this but thank you for opening the issue!

[ishitatsuyuki]

TBH this looks like a fairly poor out of box experience, but if you have other stuff to prioritize I guess it's OK to skip this for now.

[ishitatsuyuki]

@briancain It looks like this has been fixed upstream. It still hasn't got a tagged release, but please consider reopening this and update the dep once it gets tagged.