[Feature]: Add support for git+ssh

[dark-penguin]

Issue Description

Hi!
I've got a custom Git configuration which I think is pretty common - working with Github over SSH instead of HTTPS so that I cah authenticate with my SSH key instead of an HTTPS token:

[url "ssh://git@github.com/"]
        insteadOf = https://github.com/

Normally, my SSH identity is added to my SSH agent (gnome-keyring), so I can work with Github without even entering my passphrase every time.

But when SDNext is running in any session that's not directly spawned by me logged into a GUI, then an SSH agent is not available. So, any Git operation (like updating, installing extensions, or even launching after an update) will fail due to being unable to authenticate over SSH (since any HTTPS links to Github are converted to SSH).

Of course, normally all I'd have many ways to deal with it. Specify GIT_SSH_COMMAND environment variable, or set a per-URL identity file in my gitconfig, or set another environment variable to "convert" SSH links back to HTTPS.

Unfortunately, none of this works. I've tried anything I could have thought of, and anything multiple LLMs could suggest. For some reason, environment variables present when I launch SDNext do not make it to the actual Git calls. Nor is my SSH config honored. My global .gitconfig seems to be honored, but that's the same config I use for other things (like developing the very same repository), so I don't want to break it.

I've tried hacking around a little - there's not many calls to Git in SDNext. But that didn't help either. There's something mystical going on - it refuses to honor any configuration other than the global .gitconfig . I do have some proof that it should have worked with pure GitPython though.

Steps to reproduce:

• Install SDNext somewhere on a Linux machine that does not have an SSH agent
• Configure Git to replace HTTPS with SSH for any Github URLs, and ensure that Git otherwise works with your SSH identity
• Launch SDNext and try to install any extension

Expected results:

• Same as if you had an SSH agent running: extensions install without any issue.

Actual results:

ERROR    Error installing extension: https://github.com/Mikubill/sd-webui-controlnet Cmd('git')
failed due to: exit code(128)
cmdline: git clone -v --filter=blob:none --
https://github.com/Mikubill/sd-webui-controlnet tmp/sd-webui-controlnet
  stderr: 'Cloning into 'tmp/sd-webui-controlnet'...
Bad packet length 2612483236.
ssh_dispatch_run_fatal: Connection to 140.82.121.3 port 22: Connection corrupted
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
'
ERROR    gradio call: ValueError

Yes, the error message is cryptic, but believe me, if I comment out the HTTPS-to-SSH substitution, it works as expected.

Proof that this is NOT a problem with GitPython:

$ cat test.sh 
#!/usr/bin/bash
python3 /tmpfs/test.py

$ cat test.py 
#!/usr/bin/python
import git
git.Repo.clone_from('https://github.com/dark-penguin/medit', '/tmp/medit')

$ ./test.sh
git@github.com: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

Problem reproduced. Let's fix it by explicitly specifying an SSH identity file with an environment variable:

$ GIT_SSH_COMMAND="ssh -o IdentitiesOnly=yes -i ~/.ssh/darkpenguin" ./test.sh
$ ls -lha /tmp/medit/
total 1.4M
<... cloned successfully ...>

Problem solved. This proves that by default, GitPython DOES honor environment variables, even though (I assume) it is not launching Git in a shell session.
Let's fix the problem permanently:

$ rm -Rf /tmp/medit/
$ cat ~/.ssh/config 
Host github.com
    User git
    IdentityFile ~/.ssh/darkpenguin

$ ./test.sh
$ ls -lha /tmp/medit/
total 1.4M
<... cloned successfully ...>

Problem fixed. This proves that GitPython itself also DOES honor the SSH config file. Of course it does, because it's not calling SSH itself - Git calls SSH to establish a connection. So in theory, it should be absolutely impossible to break this, unless you try very very hard and, for example, override the Git SSH command with something that is explicitly told to ignore the default SSH config.

Now try launching SDNext - with GIT_SSH_COMMAND set, with SSH config fixed - problem is still there.

Things I've tried:

This would have been the easiest solution. But I have tried much more - all with the same result: nothing changes.

• Exporting an environment variable: export GIT_SSH_COMMAND="ssh -o IdentitiesOnly=yes -i ~/.ssh/darkpenguin"
• Aliasing 'git': `alias git='GIT_SSH_COMMAND="ssh -i ~/.ssh/darkpenguin" git'
• Creating a /usr/local/bin/git with the following content: GIT_SSH_COMMAND="ssh -o IdentitiesOnly=yes -i ~/.ssh/darkpenguin" /usr/bin/git "$@"
• Finding any mentions of git.Repo.clone_from() in SDNext and adding (env=os.environ) to its arguments

Of course, the same happens if I try to do any kind of updating.

is there any way at all to fix this without modifying my global .gitconfig? (A local per-project .gitconfig won't help either, because it is not applied when we are cloning a new repository for a new extension, even if we happen to be in a directory that already has another repository cloned.)

Version Platform Description

• Debian 12 Bookworm amd64
• SDNext from master branch (updated today to check if it was already fixed in the development branch)
• Radeon RX6800 (with ROCm)
• Brave browser

Relevant log output

Activate python venv: /home/kami/sdnext/venv
Launch: venv/bin/python3
22:19:06-596246 INFO     Starting SD.Next                                                                           
22:19:06-599478 INFO     Logger: file="/home/kami/sdnext/sdnext.log" level=DEBUG size=64 mode=create                
22:19:06-635642 INFO     Version: app=sd.next updated=2025-02-05 hash=86fd203f branch=master                        
                         url=ssh://git@github.com/vladmandic/sdnext/tree/master ui=main                             
22:19:06-647116 INFO     Platform: arch=x86_64 cpu= system=Linux release=6.12.12-1-liquorix-amd64 python=3.11.2     
                         docker=False                                                                               
22:19:06-648614 DEBUG    Packages: venv=venv site=['venv/lib/python3.11/site-packages']                             
22:19:06-649747 INFO     Args: ['--debug', '--listen', '--use-rocm', '--insecure', '--quick']                       
22:19:06-650658 DEBUG    Setting environment tuning                                                                 
22:19:06-651579 DEBUG    Torch allocator: "garbage_collection_threshold:0.80,max_split_size_mb:512"                 
22:19:06-677004 DEBUG    Torch overrides: cuda=False rocm=True ipex=False directml=False openvino=False zluda=False 
22:19:06-678356 INFO     ROCm: AMD toolkit detected                                                                 
22:19:06-714314 INFO     ROCm: agents=['gfx1030']                                                                   
22:19:06-715387 INFO     ROCm: version=6.3, using agent gfx1030                                                     
22:19:06-752078 INFO     Install: verifying requirements                                                            
22:19:06-757146 INFO     Startup: quick launch                                                                      
22:19:06-757915 DEBUG    Register paths                                                                             
22:19:06-758764 INFO     Extensions: disabled=['sdnext-modernui']                                                   
22:19:06-759656 INFO     Extensions: enabled=['Lora', 'sd-extension-chainner', 'sd-extension-system-info',          
                         'sd-webui-agent-scheduler', 'stable-diffusion-webui-rembg'] extensions-builtin             
22:19:06-761041 INFO     Extensions: enabled=['sd-webui-controlnet'] extensions                                     
22:19:06-763582 DEBUG    Extension preload: {'extensions-builtin': 0.0, 'extensions': 0.0}                          
22:19:06-764883 INFO     Command line args: ['--debug', '--listen', '--use-rocm', '--insecure', '--quick']          
                         insecure=True listen=True quick=True use_rocm=True debug=True args=[]                      
22:19:06-766229 DEBUG    Env flags: ['SD_PIP_DEBUG=true', 'SD_INSTALL_DEBUG=true']                                  
22:19:06-767158 DEBUG    Linker flags: preload="libtcmalloc.so.4" path=":/home/kami/sdnext/venv/lib/"               
22:19:06-768153 DEBUG    Starting module: <module 'webui' from '/home/kami/sdnext/webui.py'>                        
22:19:11-767774 DEBUG    System: cores=12 affinity=12 threads=6                                                     
22:19:11-771235 INFO     Torch: torch==2.4.1+rocm6.1 torchvision==0.19.1+rocm6.1                                    
22:19:11-772198 INFO     Packages: diffusers==0.32.2 transformers==4.48.2 accelerate==1.3.0 gradio==3.43.2          
22:19:14-211256 INFO     Device detect: memory=16.0 default=balanced                                                
22:19:14-213307 DEBUG    Read: file="config.json" json=25 bytes=1081 time=0.000 fn=<module>:load                    
22:19:14-495123 INFO     Engine: backend=Backend.DIFFUSERS compute=rocm device=cuda attention="Scaled-Dot-Product"  
                         mode=no_grad                                                                               
22:19:14-496594 DEBUG    Read: file="html/reference.json" json=63 bytes=32978 time=0.000                            
                         fn=_call_with_frames_removed:<module>                                                      
22:19:14-788761 INFO     Torch parameters: backend=rocm device=cuda config=Auto dtype=torch.float16 context=no_grad 
                         nohalf=False nohalfvae=False upcast=False deterministic=False tunable=[False, True]        
                         fp16=pass bf16=fail optimization="Scaled-Dot-Product"                                      
22:19:14-905908 DEBUG    ONNX: version=1.20.1 provider=ROCMExecutionProvider, available=['AzureExecutionProvider',  
                         'CPUExecutionProvider']                                                                    
22:19:14-943673 INFO     Device: device=AMD Radeon RX 6800 n=1 hip=6.1.40091-a8dbc0c19                              
22:19:15-003451 DEBUG    Entering start sequence

Backend

Diffusers

UI

Standard

Branch

Master

Model

Other

Acknowledgements

• I have read the above and searched for existing issues
• I confirm that this is classified correctly and its not an extension issue

[vladmandic]

this is a valid request, but git+ssh was never tested nor advertised as supported.
please convert this from issue to feature request and i'll see if this can be added in the near future.

[dark-penguin]

By "convert", I guess you mean just change the title, or is there something else I must do?

[vladmandic]

that's pretty much it, no need to re-file.

[vladmandic]

this is not a git-python or git issue at all and ssh public key is getting read and used.
but there is something wrong that is corrupting ssh environment causing this:

Bad packet length 2612483236.

i've reproduced using ssh -vT git@github.com executed as a python subprocess.run within and outside of sdnext.