厨师git cookbook:克隆私人回购时如何修复被拒绝的权限?

时间:2015-07-18 23:05:00

标签: git chef

我有一本食谱,使用deploy_key cookbook生成部署密钥& git cookbook克隆私人gitlab项目。

Chef总是说他已经成功部署了密钥并给予了适当的权利。

但有时它工作正常,有时会出现以下错误,我无法理解。

==> default: ================================================================================
==> default: Error executing action `sync` on resource 'git[/home/vagrant/webtest]'
==> default: ================================================================================
==> default: Mixlib::ShellOut::ShellCommandFailed
==> default: ------------------------------------
==> default: Expected process to exit with [0], but received '128'
==> default: ---- Begin output of git ls-remote "git@gitlab.example.com:qa/webtest.git" "HEAD" ----
==> default: Permission denied, please try again.
==> default: Permission denied, please try again.
==> default: Permission denied (publickey,password).
==> default: fatal: Could not read from remote repository.
==> default: Please make sure you have the correct access rights
==> default: and the repository exists.
==> default: ---- End output of git ls-remote "git@gitlab.example.com:qa/webtest.git" "HEAD" ----
==> default: Ran git ls-remote "git@gitlab.example.com:qa/webtest.git" "HEAD" returned 128

此外,如果厨师未能使用以下消息克隆项目,第二项规定(我已尝试vagrant provision)尝试将正常工作(与我将登录VM并手动克隆项目相同) )。

我认为有时钥匙没有及时部署..但根据厨师的输出,他们必须做好准备。

可能是什么问题?

我正在部署密钥(每个部署新密钥都是使用gitlab project_id和token生成的:)

deploy_key "my_project_deploy_key" do
    provider Chef::Provider::DeployKeyGitlab
    path "#{node['webtest']['home_dir']}/.ssh"
    credentials({
        :token => node['webtest']['gitlab']['token']
    })
    api_url "#{node['webtest']['gitlab']['api_scheme']}://#{node['webtest']['gitlab']['api_domain']}"
    repo  node['webtest']['gitlab']['project_id']
    owner node['webtest']['user']
    group node['webtest']['group']
    mode 00600
    action :add
end

我正在用这种方式克隆回购:

git "#{node['webtest']['home_dir']}/webtest" do
    repository node['webtest']['git']['repo']
    checkout_branch node['webtest']['git']['branch']
    ssh_wrapper "#{node['webtest']['home_dir']}/.ssh/wrap-ssh4git.sh"
    user node['webtest']['user']
    group node['webtest']['group']
    enable_checkout false
    action :sync
end

1 个答案:

答案 0 :(得分:0)

要使示例正常工作,您需要让gitlab.example.com知道您的公钥,以便ssh可以使用您的私钥进行连接。

方法各不相同,但对于现代Linux计算机,ssh-copy-id可以更容易地正确复制公钥。

相关问题
最新问题