One of the protocol git offers uses ssh so that one can clone repositories using an ssh key to connect to the remote service.

This has one requirement: interactively accept the connection to the remote server on first connection (as must be done when using the ssh cli) or if the server keys are changed.

This operation is not possible when in an init container since there's no users to accept the connection.

There are several options in order to use the protocol anyway:

• Deactivate the remote validation (which is in fact not an option for security reasons)
• Provide a known_hosts file to the container with a set of validated known hosts.

The latter can be achieved using a ConfigMap. If not using a standard path, theSSH_KNOWN_HOSTS environment variable can be used to point ssh to where the file is mounted.