Ansible And Git Permission Denied (publickey) At Git Clone


Answer :

By reading the documentation for ssh forwarding in ansible. I was able to figure out the solution.

The problem was that my ssh keys were not being forwarded because Ansible does not by default forward your keys, even if you have set up the key forwarding on ~/.ssh/conf (I updated my question with the ansible.cfg that I had before fixing the issue).

The solution is was to add transport = ssh to ansible.cfg under [defaults] plus running ansible-playbook from the location where ansible.cfg is located and make sure thet the following setting exists in the /etc/ssh/sshd_config of the target box:

AllowAgentForwarding yes

My ansible.cfg now looks like this:

[defaults] transport = ssh  [ssh_connection] ssh_args = -o ForwardAgent=yes

To clone the private github repo over the remote server, I am doing this:

First add the ssh key to your ssh-agent:

eval `ssh-agent -s` ssh-add ~/.ssh/my-private-key.pem

After that I have modified the ansible.cfg:

[defaults] transport = ssh sudo_flags = -HE  [ssh_connection] ssh_args = -o ForwardAgent=yes

Now you can clone the github private repo even as root user

Normally, I also add these two tasks in my playbook/roles tasks as well:

- name: Tell the host about our servers it might want to ssh to   known_hosts:     path: '/etc/ssh/known_hosts'     name: 'github.com'     key: "{{ lookup('pipe', 'ssh-keyscan -t rsa bitbucket.org') }}"  - name: Upload sudo config for key forwarding as root   lineinfile:     dest: /etc/sudoers.d/ssh_key_forward     line: 'Defaults env_keep+=SSH_AUTH_SOCK'     create: yes     owner: root      group: root      mode: "0440"     state: present     validate: 'visudo -c -f %s'

Strange, it work for me. If the ssh option didn't work for you then you can use the username/password option like this:

- name: Pull the code   git:     repo: "https://{{ bitbucket_login }}:{{ bitbucket_password|urlencode }}@bitbucket.org/path/project.git"     dest: /var/www/myproject     version: master

Hope that might helpful for you and others


Comments

Post a Comment

Popular posts from this blog

Chemistry - Bond Angles In NH3 And NCl3

Answer : Solution 1: As Tan Yong Boon stated, it is Bent’s Rule with which we can explain the lower bond angle of \ce N F 3 \ce{NF3} \ce NF 3 when compared to \ce N H 3 \ce{NH3} \ce N H 3 . The rule as stated by Henry Bent: Atomic s character concentrates in orbitals directed towards electropositive substituents. Fluorine is more electronegative that hydrogen, and the \ce N − F \ce{N−F} \ce N − F bond would have greater p character than the \ce N − H \ce{N−H} \ce N − H bond. And more s character leads to large bond angles. Thus, the bond angle is greater in \ce N H 3 \ce{NH3} \ce N H 3 than in \ce N F 3 \ce{NF3} \ce NF 3 . Now, consider \ce N C l 3 \ce{NCl3} \ce NCl 3 . Clearly, \ce C l \ce{Cl} \ce Cl atom islarger in size than the central atom, nitrogen. Hence the higher bond angle here is due to the steric crowding caused by \ce C l \ce{Cl} \ce Cl atoms.(More pronounced than the electrongativity of \ce C l \ce{Cl} \ce Cl atom). They repel eachother and hence b...
Read more

Are Regular VACUUM ANALYZE Still Recommended Under 9.1?

Answer : VACUUM is only needed on updated or deleted rows in non-temporary tables. Obviously you're doing lots of INSERTs but it's not obvious from the description that you're also doing lots of UPDATEs or DELETEs. These operations can be tracked with the pg_stat_all_tables view, specifically the n_tup_upd and n_tup_del columns. Also, even more to the point, there is a n_dead_tup column that tells, per table, how much rows need to be vacuumed. (see Monitoring statistics in the doc for functions and views related to statistics gathering). A possible strategy in your case would be to suppress the scheduled VACUUM, keeping an eye on this view and checking on which tables the n_dead_tup is going up significantly. Then apply the aggressive VACUUM to these tables only. This will be a win if there are large tables whose rows never get deleted nor updated and the aggressive VACUUM is really necessary only on smaller tables. But keep running the ANALYZE for the optimiz...
Read more

Change The Font Size Of Visual Studio Solution Explorer

Answer : Go to Tools->Options->Environment->Fonts and Colors In "Show Settings for" chose "Environment Font" In "Font" replace Automatic to for example, Arial and change size. Change the font size of that setting, all Font size in the Explorers (Solution Explorer, Server Explorer and Toolbox) and menus will change. You can set that in Tools, Options.
Read more