我想用github私有存储库为本地开发环境创建cookbook。
然而,当厨师试图克隆git repo时,github会返回权限被拒绝错误。
SSH转发工作正常,SSH_AUTH_SOCK env由cookbook' sudo'设置。
通过vagrant ssh,sudo ssh -T git@github.com和sudo git clone git@github.com:myorg/myproject.git都成功。
如何解决此问题?
这是我食谱的一部分
deploy_user = node["git_repository_to_deploy"]["deploy_user"]
ssh_known_hosts_entry 'github.com'
git "/home/#{deploy_user}/sync_folder" do
repository 'git@github.com:myorg/myproject.git'
reference 'master'
action :sync
user deploy_user
group deploy_user
retries 3
end
及以下是角色[' web'] json。
的一部分{
"name": "web",
"chef_type": "role",
"json_class": "Chef::Role",
"default_attributes": {
"authorization": {
"sudo": {
"include_sudoers_d": true,
"passwordless": true,
"sudoers_defaults": [
"env_reset",
"env_keep = \"COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR\"",
"env_keep += \"LS_COLORS MAIL PS1 PS2 QTDIR USERNAME\"",
"env_keep += \"LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION\"",
"env_keep += \"LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC\"",
"env_keep += \"LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \"",
"env_keep += \"_XKB_CHARSET XAUTHORITY SSH_AUTH_SOCK\""
]
}
},
"nginx": {
"env": ["ruby"]
},
"ruby-env": {
"version": "2.3.0",
"rbenv_url": "https://github.com/sstephenson/rbenv",
"ruby-build_url": "https://github.com/sstephenson/ruby-build"
}
},
"run_list": [
"recipe[yum-epel]",
"recipe[nginx]",
"recipe[nginx-conf]",
"recipe[nodejs]",
"recipe[readline]",
"recipe[ruby-env]",
"recipe[postgresql]",
"recipe[imagemagick]",
"recipe[sudo]",
"recipe[github]",
]
}
以下是Vagrantfile。
Vagrant.configure(2) do |config|
config.vm.box = "bento/centos-6.7"
config.vm.network "private_network", ip: "192.168.33.10"
config.ssh.forward_agent = true
config.vm.synced_folder "./sync_folder", "/home/vagrant/sync_folder"
end
以下是我的〜/ .ssh / config
Host github.com
ForwardAgent yes
当我输入
时bundle exec knife solo bootstrap local-development
chef返回此错误。
Recipe: github::default
* git[/home/vagrant/sync_folder] action sync
================================================================================
Error executing action `sync` on resource 'git[/home/vagrant/sync_folder]'
================================================================================
Mixlib::ShellOut::ShellCommandFailed
------------------------------------
Expected process to exit with [0], but received '128'
---- Begin output of git ls-remote "git@github.com:myorg/myproject.git" "master*" ----
STDOUT:
STDERR: Permission denied (publickey).
fatal: The remote end hung up unexpectedly
---- End output of git ls-remote "git@github.com:myorg/myproject.git" "master*" ----
Ran git ls-remote "git@github.com:myorg/myproject.git" "master*" returned 128
Running handlers:
[2016-03-03T09:02:23+00:00] ERROR: Running exception handlers
Running handlers complete
[2016-03-03T09:02:23+00:00] ERROR: Exception handlers complete
Chef Client failed. 8 resources updated in 25 seconds
[2016-03-03T09:02:23+00:00] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out
[2016-03-03T09:02:23+00:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
[2016-03-03T09:02:23+00:00] ERROR: git[/home/vagrant/sync_folder] (cloudtip::default line 10) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '128'
---- Begin output of git ls-remote "git@github.com:myorg/myproject.git" "master*" ----
STDOUT:
STDERR: Permission denied (publickey).
fatal: The remote end hung up unexpectedly
---- End output of git ls-remote "git@github.com:myorg/myproject.git" "master*" ----
Ran git ls-remote "git@github.com:myorg/myproject.git" "master*" returned 128
[2016-03-03T09:02:23+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)
ERROR: RuntimeError: chef-solo failed. See output above.
答案 0 :(得分:0)
确实,这是预期的。 knife solo无法转发您的SSH代理凭据。期望您将使用Chef来部署您的部署密钥并使用带有git资源的SSH包装器。查看application_git cookbook以获取更简单的资源。