When we run a script containing Task.init from within our repo, it creates a repo URL that looks like this:

Now the agents trying to execute this task fail with:
cloning: agent_user@git.mycompany.com: Permission denied (publickey). fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.
An easy fix is to change the URL in the UI to include the user, e.g. ssh://git@git.mycompany.com:2022/myuser/repo.git , but as mentioned by AgitatedDove14 https://github.com/allegroai/clearml-agent/issues/42#issuecomment-757045256 , this does not scale well.

Using a config
I also tried creating a config, like:
Host git.mycompany.com HostName 123.123.123.123 IdentityFile ~/.ssh/id_rsa IdentitiesOnly yes User git Port 2022Running the clone command outside of the docker container ( git clone ssh://git.mycompany.com:2022/myuser/repo.git ) work with this - but within the docker container, SSH refuses to use the config because the owner of the config does not match ( agent_user vs root ).

I see many potential ways to solve this, but I am not sure what is the best. Maybe I am also missing an obvious solution?
Ideally, we could set the repo user in the config on developer machines when we create the task, thereby having the correct URL directly stored in the backend. Alternatively, could we use Task.update() or something to update the repo after the call to Task.init() ? Would that propagate into the backend? And would you have an example snippet? Could the option agent.force_git_ssh_user = "git" be extended from the use-case of rewriting https to ssh URLs to also rewrite ssh URLs?
Any input would be greatly appreciated! 🙂