Fix workflow SSH configuration errors #24

Merged: GochoMugo merged 4 commits into master from copilot/fix-ssh-key-setup-error on Dec 6, 2025

Copilot AI commented Dec 6, 2025

This PR fixes two issues with the GitHub Actions workflow:

  1. Invalid secrets context in conditional: GitHub Actions does not allow the secrets context in if conditionals. The workflow failed with:
     Invalid workflow file: .github/workflows/test.yml#L28
     Unrecognized named-value: 'secrets'. Located at position 1 within expression: secrets.SSH_PRIVATE_KEY != ''
  2. SSH host key verification errors: When cloning repositories via SSH URLs, the workflow failed with "Host key verification failed" errors because SSH host keys weren't configured.

Changes

  • Removed if: secrets.SSH_PRIVATE_KEY != '' from the "Setup SSH key" step - the webfactory/ssh-agent action handles missing secrets gracefully, making the conditional unnecessary
  • Added "Setup SSH known hosts" step to populate ~/.ssh/known_hosts with host keys for GitHub, GitLab, and Bitbucket using ssh-keyscan
  • Implemented error handling with || true to gracefully handle failures for individual hosts
  • Used -H flag to hash hostnames for additional privacy
       - name: Checkout repository
         uses: actions/checkout@v4

+      - name: Setup SSH known hosts
+        run: |
+          mkdir -p ~/.ssh
+          # Add known hosts for common Git hosting services
+          ssh-keyscan -H github.com >> ~/.ssh/known_hosts 2>/dev/null || true
+          ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts 2>/dev/null || true
+          ssh-keyscan -H bitbucket.org >> ~/.ssh/known_hosts 2>/dev/null || true
+
       - name: Setup SSH key
-        if: secrets.SSH_PRIVATE_KEY != ''
         uses: webfactory/ssh-agent@v0.9.0
         with:
           ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
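
Review bot: The three "ssh-keyscan -H ... >> ~/.ssh/known_hosts" lines in the new "Setup SSH known hosts" step trust whatever key the network returns at run time, so host key verification is satisfied without the host ever being authenticated. Write pinned entries taken from each provider's published host keys instead, or compare the scan result against such pins before appending. The "2>/dev/null || true" on each line also hides a failed scan, so the step passes with an incomplete known_hosts and the clone fails later with the same "Host key verification failed" error; let the step fail instead. Separately, with the "if: secrets.SSH_PRIVATE_KEY != ''" line removed, the "Setup SSH key" step always runs, including when the secret is unset and expands to an empty string; confirm the action's behavior on empty input before relying on it.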

These changes ensure the workflow can successfully clone repositories via SSH without host key verification failures.

This pull request was created as a result of the following prompt from Copilot chat.

Problem

The workflow file .github/workflows/test.yml has an error on line 28:

Invalid workflow file: .github/workflows/test.yml#L1
(Line: 28, Col: 13): Unrecognized named-value: 'secrets'. Located at position 1 within expression: secrets.SSH_PRIVATE_KEY != ''

Issue

The secrets context cannot be used directly in if conditionals to check if a secret exists or is empty. This is a limitation of GitHub Actions.

Solution

The "Setup SSH key" step on line 27-31 needs to be fixed. Since the webfactory/ssh-agent action handles missing secrets gracefully, the simplest solution is to remove the problematic conditional check on line 28.

Alternatively, if you want to keep the conditional behavior, you would need to:

  • Create a repository variable to control whether SSH setup should run
  • Or use a job output from a previous step that checks the secret availability in a different way

Recommended Fix

Remove the if: secrets.SSH_PRIVATE_KEY != '' condition on line 28, as the action itself will handle the case where the secret is not provided.

File to modify:

  • .github/workflows/test.yml - Remove or fix line 28

Co-authored-by: GochoMugo <4707579+GochoMugo@users.noreply.github.com>
Copilot AI changed the title from "[WIP] Fix SSH key setup error in workflow file" to "Remove invalid secrets context from workflow conditional" on Dec 6, 2025
Copilot AI requested a review from GochoMugo December 6, 2025 13:40
GochoMugo (Owner) commented

@copilot Fix the following error when git cloning using an SSH URL

# Host key verification failed.
# fatal: Could not read from remote repository.

Copilot AI and others added 2 commits December 6, 2025 14:09
Co-authored-by: GochoMugo <4707579+GochoMugo@users.noreply.github.com>
Co-authored-by: GochoMugo <4707579+GochoMugo@users.noreply.github.com>

Copilot AI commented Dec 6, 2025

@copilot Fix the following error when git cloning using an SSH URL

Fixed in commit 81aabe3 by adding an SSH known hosts setup step that runs ssh-keyscan for GitHub, GitLab, and Bitbucket before the SSH agent is configured. This prevents "Host key verification failed" errors when cloning via SSH URLs.
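
An added example, not part of this PR or the project's workflow: a shell check that accepts ssh-keyscan output only when every scanned key matches a pinned entry, so a substituted host key or a failed scan stops the job instead of being trusted. The function names verify_scan and make_samples, the pins file, and the sample keys are assumptions constructed for illustration; real pins come from each provider's published host keys.

```shell
#!/bin/sh
# Added example: keep ssh-keyscan output only when it matches pinned keys.
# Pins and scans use the plain known_hosts form "host keytype base64key",
# so scan WITHOUT -H here; hash afterwards with `ssh-keygen -H -f FILE`.

# verify_scan PINS SCAN: print scanned lines that match a pin. Returns 1 if a
# scanned key is not pinned or a pinned host is absent from the scan.
verify_scan() {
    pins=$1 scan=$2 status=0
    while read -r host type key rest; do
        case $host in ''|'#'*) continue ;; esac
        if grep -qxF -e "$host $type $key" "$pins"; then
            printf '%s %s %s\n' "$host" "$type" "$key"
        else
            # Substituted key or unannounced rotation: never trust it silently.
            echo "unpinned $type key for $host" >&2
            status=1
        fi
    done < "$scan"
    for host in $(awk '!/^#/ && NF {print $1}' "$pins" | sort -u); do
        awk -v h="$host" '$1 == h {f = 1} END {exit !f}' "$scan" ||
            { echo "no key scanned for $host" >&2; status=1; }
    done
    return "$status"
}

# Constructed sample data (placeholder keys, not real host keys).
make_samples() {
    printf '%s\n' 'github.com ssh-ed25519 AAAAC3CONSTRUCTEDKEY1' \
        'gitlab.com ssh-ed25519 AAAAC3CONSTRUCTEDKEY2' > "$1/pins"
    cp "$1/pins" "$1/scan_ok"
    printf '%s\n' 'github.com ssh-ed25519 AAAAC3SUBSTITUTEDKEY' \
        'gitlab.com ssh-ed25519 AAAAC3CONSTRUCTEDKEY2' > "$1/scan_bad"
    printf '%s\n' 'github.com ssh-ed25519 AAAAC3CONSTRUCTEDKEY1' > "$1/scan_short"
}

demo=$(mktemp -d)
make_samples "$demo"
verify_scan "$demo/pins" "$demo/scan_ok" > "$demo/known_hosts" &&
    echo "scan matches pins: known_hosts written"
verify_scan "$demo/pins" "$demo/scan_bad" > /dev/null ||
    echo "scan rejected: do not append it"
```

In a workflow step the scan file would be the output of ssh-keyscan run without -H, and a non-zero return from verify_scan should fail the step rather than be masked with || true.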

Copilot AI changed the title from "Remove invalid secrets context from workflow conditional" to "Fix workflow SSH configuration errors" on Dec 6, 2025
GochoMugo marked this pull request as ready for review December 6, 2025 14:17
GochoMugo merged commit 4731ad0 into master Dec 6, 2025
1 of 8 checks passed
GochoMugo deleted the copilot/fix-ssh-key-setup-error branch December 6, 2025 14:17