bootstrapping fills known-hosts with wrong ssh-key-algorithm #4549

FranziskusWild opened this issue Jan 16, 2024 · 1 comment

@FranziskusWild

Describe the bug

After bootstrapping flux (using gitlab with ssh deploy key) the git repo flux-system couldn't sync.
I found that the known_hosts in the flux-system secret are not set according to the used ssh-key-algorithm, but to the default ecdsa.

The bootstrap command gives the following result:

► cloning branch "main" from Git repository "ssh://git@gitlab.com/travekom/smart-city-services/shared-tools/devops/infrastructure-definitions/produkt-clusters.git"
✔ cloned repository
► generating component manifests
✔ generated component manifests
✔ component manifests are up to date
✔ reconciled components
► determining if source secret "flux-system/flux-system" exists
► generating source secret
✔ public key: ssh-ed25519 ...
Please give the key access to your repository: y
? Please give the key access to your repository? [y/N] y█
✔ reconciled source secret
► generating sync manifests
✔ generated sync manifests
✔ sync manifests are up to date
► applying sync manifests
✔ reconciled sync configuration
◎ waiting for Kustomization "flux-system/flux-system" to be reconciled
✗ client rate limiter Wait returned an error: context deadline exceeded
► confirming components are healthy
✔ helm-controller: deployment ready
✔ image-automation-controller: deployment ready
✔ image-reflector-controller: deployment ready
✔ kustomize-controller: deployment ready
✔ notification-controller: deployment ready
✔ source-controller: deployment ready
✔ all components are healthy
✗ bootstrap failed with 1 health check failure(s)

Git repo fails with error

failed to checkout and determine revision: unable to clone 'ssh://git@gitlab.com/travekom/smart-city-services/shared-tools/devops/infrastructure-definitions/produkt-clusters.git': dial tcp 172.65.251.78:22: connect: connection timed out

Ready: Unknown
Status: building artifact

Steps to reproduce

flux bootstrap git \
  --url=ssh://git@gitlab.com/... \
  --branch=main \
  --private-key-file=... \
  --password=... \
  --path=clusters/... \
  --ssh-key-algorithm ed25519

Expected behavior

I would expect the bootstrapping process to go forth, especially the git_repo to be able to sync.

Screenshots and recordings

No response

OS / Distro

Fedora 39

Flux version

v2.1.0

Flux check

► checking prerequisites
✗ flux 2.1.0 <2.2.2 (new version is available, please upgrade)
✗ Kubernetes version v1.22.9 does not match >=1.25.0-0
► checking controllers
✔ helm-controller: deployment ready
► ghcr.io/fluxcd/helm-controller:v0.36.0
✔ image-automation-controller: deployment ready
► ghcr.io/fluxcd/image-automation-controller:v0.36.0
✔ image-reflector-controller: deployment ready
► ghcr.io/fluxcd/image-reflector-controller:v0.30.0
✔ kustomize-controller: deployment ready
► ghcr.io/fluxcd/kustomize-controller:v1.1.0
✔ notification-controller: deployment ready
► ghcr.io/fluxcd/notification-controller:v1.1.0
✔ source-controller: deployment ready
► ghcr.io/fluxcd/source-controller:v1.1.0
► checking crds
✔ alerts.notification.toolkit.fluxcd.io/v1beta2
✔ buckets.source.toolkit.fluxcd.io/v1beta2
✔ gitrepositories.source.toolkit.fluxcd.io/v1
✔ helmcharts.source.toolkit.fluxcd.io/v1beta2
✔ helmreleases.helm.toolkit.fluxcd.io/v2beta1
✔ helmrepositories.source.toolkit.fluxcd.io/v1beta2
✔ imagepolicies.image.toolkit.fluxcd.io/v1beta2
✔ imagerepositories.image.toolkit.fluxcd.io/v1beta2
✔ imageupdateautomations.image.toolkit.fluxcd.io/v1beta1
✔ kustomizations.kustomize.toolkit.fluxcd.io/v1
✔ ocirepositories.source.toolkit.fluxcd.io/v1beta2
✔ providers.notification.toolkit.fluxcd.io/v1beta2
✔ receivers.notification.toolkit.fluxcd.io/v1
✗ check failed

Git provider

GitLab

Container Registry provider

No response

Additional context

No response

@stefanprodan
Member

stefanprodan commented Jan 26, 2024

You can create the flux-system secret before running bootstrap, and source-controller will use the known_hosts you've set in the cluster. The SSH secret format is documented here: https://fluxcd.io/flux/components/source/gitrepositories/#ssh-authentication
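
A pre-flight check for the approach in the comment above, as an added example that is not part of the issue or of Flux's own code: before creating the flux-system secret by hand, list which host key types the known_hosts file pins for the Git host. The function names, the sample file and `git.example.internal` are constructed for illustration; `create_ssh_secret` assumes a private key without a passphrase and the `identity`, `identity.pub` and `known_hosts` keys of Flux's SSH secret format.

```shell
#!/usr/bin/env bash
# Added example: inspect a known_hosts file before storing it in the
# flux-system secret. Function names and sample data are assumptions.

# pinned_key_types FILE HOST [PORT]
# Print the host key types FILE pins for HOST, one per line. Hashed (|1|...)
# entries cannot be matched by name; @cert-authority/@revoked lines are skipped.
pinned_key_types() {
  local file=$1 host=$2 port=${3:-22} want
  want=$host
  # Non-default ports are stored in the bracketed form [host]:port.
  if [ "$port" != "22" ]; then want="[$host]:$port"; fi
  awk -v want="$want" '
    /^[ \t]*(#|$)/ { next }   # comments and blank lines
    $1 ~ /^@/      { next }   # marker lines
    {
      n = split($1, names, ",")            # field 1 may list several names
      for (i = 1; i <= n; i++)
        if (names[i] == want) { print $2; break }
    }' "$file" | sort -u
}

# has_key_type FILE HOST TYPE [PORT]: succeed only if TYPE is pinned for HOST.
has_key_type() {
  pinned_key_types "$1" "$2" "${4:-22}" | grep -qxF -- "$3"
}

# Constructed sample: the key material is a placeholder, not a real host key.
sample_known_hosts() {
  cat <<'EOF'
# constructed sample
gitlab.com ecdsa-sha2-nistp256 AAAAPLACEHOLDERECDSA
git.example.internal,10.0.0.5 ssh-ed25519 AAAAPLACEHOLDERED25519
[git.example.internal]:2222 ssh-rsa AAAAPLACEHOLDERRSA
EOF
}

# create_ssh_secret KEYFILE KNOWN_HOSTS HOST TYPE
# Refuse to create the secret unless KNOWN_HOSTS pins TYPE for HOST.
# Defined for reference only; nothing in this file calls it.
create_ssh_secret() {
  has_key_type "$2" "$3" "$4" || { echo "no $4 key pinned for $3" >&2; return 1; }
  kubectl -n flux-system create secret generic flux-system \
    --from-file=identity="$1" \
    --from-file=identity.pub="$1.pub" \
    --from-file=known_hosts="$2"
}
```

Host keys placed in known_hosts should be compared against the fingerprints the Git provider publishes before the secret is created, since source-controller will trust whatever the file pins.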
