问题描述
我之前发布过这个问题,但那里的答案不再有效.
I have previously posted this question but the answer there no longer works.
总而言之,在使用 Ansible 配置我的 vagrant box 时,我在尝试使用 ssh 克隆我的 bitbucket 私有存储库时遇到了一个神秘的错误.错误指出权限被拒绝(公钥)".
In summary, When provisioning my vagrant box using Ansible, I get thrown a mysterious error when trying to clone my bitbucket private repo using ssh. The error states "Permission denied (publickey)".
然而,如果我 vagrant ssh 然后运行 'git clone' 命令,私有仓库就被成功克隆了.这表明 ssh 转发代理确实在工作,并且 vagrant box 可以访问我与 bitbucket 存储库关联的私钥.
Yet if I vagrant ssh and then run the 'git clone' command, the private repo is successfully cloned. This indicates that the ssh forward agent is indeed working and the vagrant box can access my private key associated with the bitbucket repo.
我已经在这个问题上苦苦挣扎了两天,现在正在失去理智!请有人帮帮我!!!
I have been struggling for two days on this issue and am loosing my mind! Please, somebody help me!!!
流浪文件:
Vagrant.configure("2") do |config|
config.vm.box = "ubuntu/xenial64"
config.vm.network "private_network", ip: "192.168.33.14"
config.ssh.forward_agent = true
config.vm.provider "virtualbox" do |vb|
vb.memory = "1824"
end
# Only contains ansible dependencies
config.vm.provision "shell",
inline: "sudo apt-get install python-minimal -y"
end
我的 playbook.yml 如下:
---
- hosts: all
become: true
tasks:
- name: create /var/www/ directory
file: dest=/var/www/ state=directory owner=ubuntu group=www-data mode=0755
- name: Add the user 'ubuntu' to group 'www-data'
user:
name: ubuntu
shell: /bin/bash
groups: www-data
append: yes
- name: Clone [My-Repo] bitbucket repo
become: false
git:
repo: git@bitbucket.org:[Username]/[My-Repo].com.git
dest: /var/www/poo
version: master
accept_hostkey: yes
错误信息:ansible-playbook playbook.yml
Error Message: ansible-playbook playbook.yml
fatal: [192.168.33.14]: FAILED! => {"changed": false, "cmd": "/usr/bin/git clone --origin origin '' /var/www/poo", "failed": true, "msg": "Cloning into '/var/www/poo'...\nPermission denied (publickey).\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.", "rc": 128, "stderr": "Cloning into '/var/www/poo'...\nPermission denied (publickey).\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.\n", "stderr_lines": ["Cloning into '/var/www/poo'...", "Permission denied (publickey).", "fatal: Could not read from remote repository.", "", "Please make sure you have the correct access rights", "and the repository exists."], "stdout": "", "stdout_lines": []}
附加信息:
- ssh-add -l 在我的机器上确实包含相关的 bitbucket 存储库密钥.
- ssh-add -l 在 vagrant 框内也包含相关的 bitbucket 存储库密钥(通过 ssh-forwarding).
- ssh-add -l on my machine does contain the associated bitbucket repo key.
- ssh-add -l inside the vagrant box does also contain the associated bitbucket repo key (through ssh-forwarding).
但是如果在 vagrant box 中手动完成克隆操作?:
vagrant ssh
git clone git@bitbucket.org:myusername/myprivaterepo.com.git
Then type "yes" to allow the RSA fingerprint to be added to ~/.ssh/known_hosts (as its first connection with bitbucket)
非常感谢您的帮助,并感谢您阅读我的噩梦.
Any help is greatly appreciated and thanks for reading my nightmare.
推荐答案
这通常意味着 Ansible 不会尝试使用与使用 vagrant ssh
的用户相同的用户克隆存储库.
This generally means Ansible is not trying to clone the repo with the same user than the one use with vagrant ssh
.
更好地调试正在发生的事情的一个技巧是运行命令:
One trick to better debug what is going on is to run the command:
GIT_SSH_COMMAND='ssh -v' git clone ...
这样,您将准确地看到尝试了哪些 ssh 密钥.
That way, you will see exactly which ssh keys are tried.
正如 kostix 建议的 在评论中,添加id
(或id -a
) 在 Ansible 命令中也会有帮助.
As kostix suggests in the comments, adding the id
(or id -a
) in the Ansible commands would be helpful too.
OP Gustavmahler 确认 在评论中:
您是对的:Ansible 将存储库克隆为与我预期不同的用户.
我添加了以下修复任务的内容:
become: true
become_user: vagrant
这篇关于Ansible bitbucket clone repo 配置 ssh 错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!