Ansible bitbucket clone provisioning ssh error

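Long story short, when I provision my vagrant box using Ansible, I get a mysterious error when trying to clone my private bitbucket repository over ssh. The error states "Host key verification failed".

Yet if I use vagrant ssh and then run the 'git clone' command, the private repo is cloned successfully. This indicates that the ssh forward agent is indeed working and the vagrant box can access the private key associated with my bitbucket repository.

I have been struggling with this issue for two days and am losing my mind! Please, somebody help me!!!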

Vagrantfile:

Vagrant.configure("2") do |config|
  config.vm.box = "ubuntu/xenial64"
  config.vm.network "private_network", ip: "192.168.33.10"
  config.ssh.forward_agent = true
    
  # Only contains ansible dependencies
  config.vm.provision "shell",
    inline: "sudo apt-get install python-minimal -y"

  # Use ansible for all provisioning:
  config.vm.provision "ansible" do |ansible|
    ansible.playbook = "provisioning/playbook.yml"
  end

end

My playbook.yml is as follows:

---

- hosts: all
  become: true

  tasks:
    - name: create /var/www/ directory
      file: dest=/var/www/ state=directory owner=www-data group=www-data mode=0755

    - name: Add the user 'ubuntu' to group 'www-data'
      user:
        name: ubuntu
        shell: /bin/bash
        groups: www-data
        append: yes
      
    - name: Clone bitbucket repo
      git:
        repo: git@bitbucket.org:gustavmahler/example.com.git
        dest: /var/www/poo
        version: master
        accept_hostkey: yes

Error message:

vagrant provision

TASK [common : Clone bitbucket repo] *******************************************

fatal: [default]: FAILED! => {"changed": false, "cmd": "/usr/bin/git clone --origin origin '' /var/www/poo", "failed": true, "msg": "Cloning into '/var/www/poo'...\nWarning: Permanently added the RSA host key for IP address '104.192.143.3' to the list of known hosts.\r\nPermission denied (publickey).\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.", "rc": 128, "stderr": "Cloning into '/var/www/poo'...\nWarning: Permanently added the RSA host key for IP address '104.192.143.3' to the list of known hosts.\r\nPermission denied (publickey).\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.\n", "stderr_lines": ["Cloning into '/var/www/poo'...", "Warning: Permanently added the RSA host key for IP address '104.192.143.3' to the list of known hosts.", "Permission denied (publickey).", "fatal: Could not read from remote repository.", "", "Please make sure you have the correct access rights", "and the repository exists."], "stdout": "", "stdout_lines": []}

Additional info:

However, the clone does work if done manually inside the vagrant box:

vagrant ssh
git clone git@bitbucket.org:myusername/myprivaterepo.com.git
Then type "yes" to allow the RSA fingerprint to be added to ~/.ssh/known_hosts (as its first connection with bitbucket)

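Possible solution?

I have seen in the Ansible documentation that there is a key_file: option. How would I reference the private key, which is located outside the vagrant box and is passed in using ssh forwarding?

I do have multiple ssh keys for different entities inside my ~/.ssh/. Perhaps the git clone command, when run by Ansible provisioning, isn't selecting the correct key?

Any help is greatly appreciated, and thanks for reading my nightmare.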

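Since you run the whole playbook with become: true, SSH key forwarding (as well as troubleshooting it) becomes irrelevant, because the user connecting to BitBucket from your play is root.

Run the task connecting to BitBucket as the ubuntu user:

  • either specify become: false in the Clone bitbucket repo task,

  • or remove become: true from the play and add it only to the tasks that require elevated permissions.

This answer comes directly from techraf's helpful comments.

  • I changed the owner of the /var/www directory from 'www-data' to 'ubuntu' (the username I use to log in via ssh).
  • I also added "become: false" above the git task.

Note: I have since been dealing with the following issue, so this answer does not completely solve my problem:

Updated working playbook.yml file: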

---

- hosts: all
  become: true

  tasks:
    - name: create /var/www/ directory
      file: dest=/var/www/ state=directory owner=ubuntu group=www-data mode=0755

    - name: Add the user 'ubuntu' to group 'www-data'
      user:
        name: ubuntu
        shell: /bin/bash
        groups: www-data
        append: yes

    - name: Clone bitbucket repo
      become: false
      git:
        repo: git@bitbucket.org:[username]/example.com.git
        dest: /var/www/poo
        version: master
        accept_hostkey: yes
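
A diagnostic play for the cause identified in the answers above, added here as an example and not part of the original thread: it compares what the forwarded SSH agent looks like to a task with and without become. It assumes the Vagrantfile from the question (config.ssh.forward_agent = true) and a key loaded in the agent on the host; the task names and register variables are made up for illustration.

```yaml
---
# Added diagnostic example, not from the original thread.
# Assumption: the play connects as the login user (ubuntu) with agent
# forwarding enabled, exactly as in the question's Vagrantfile.
- hosts: all
  become: true            # same play-level setting as in the question
  gather_facts: false

  tasks:
    - name: Agent socket and loaded keys as the login user
      become: false
      shell: 'echo "user=$(id -un) sock=${SSH_AUTH_SOCK:-unset}"; ssh-add -l'
      register: as_login_user
      changed_when: false
      failed_when: false   # collect the result instead of aborting

    - name: Agent socket and loaded keys as root (inherits become from the play)
      shell: 'echo "user=$(id -un) sock=${SSH_AUTH_SOCK:-unset}"; ssh-add -l'
      register: as_root
      changed_when: false
      failed_when: false

    - name: Print both results side by side
      debug:
        msg:
          - "become false: rc={{ as_login_user.rc }} {{ as_login_user.stdout_lines }}"
          - "become true:  rc={{ as_root.rc }} {{ as_root.stdout_lines }}"

    # ssh-add -l exits 0 when the agent lists at least one key,
    # 1 when the agent is reachable but empty, 2 when no agent is reachable.
    - name: Stop unless the forwarded agent is usable without become
      assert:
        that:
          - as_login_user.rc == 0
        fail_msg: >-
          No forwarded key is visible to the login user; check
          forward_agent in the Vagrantfile and run ssh-add -l on the host.
```

With a default sudo configuration the root task usually reports the socket as unset, because sudo resets the environment, which is why the clone only authenticates when the git task runs with become: false.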