Question

我在尝试从gitolite克隆私有git存储库时遇到了麻烦。我正在安装git 2.8.1并使用Chef 12.9。我正在尝试创建一个SSH包装器，厨师git资源可以使用它来验证我的存储库。

....
file "/tmp/ssh_wrapper.sh" do
  content "#!/bin/sh\nexec /usr/bin/ssh -i #{/tmp/key.pem} \"$@\""
  user "root"
  group "root"
  mode "0700"
  action :create
end
git "/home/some_repo" do
  repository "git@cookbooks.somecompany.com:some_repo.git"
  revision "1.0.0"
  user "root"
  group "root"
  ssh_wrapper "/tmp/ssh_wrapper.sh"
  action :sync
end
....

尝试使用测试厨房同步到git repo时出现以下错误。

================================================================================
           Error executing action `sync` on resource 'git[/home/some_repo]'
           ===========================================================================    =====

           Mixlib::ShellOut::ShellCommandFailed
           ------------------------------------
           Expected process to exit with [0], but received '128'
           ---- Begin output of git ls-remote "git@cookbooks.somecompany.com:some_repo.git" "1.0.0*" ----
           STDOUT:
           STDERR: Host key verification failed.
           fatal: Could not read from remote repository.

           Please make sure you have the correct access rights
           and the repository exists.
           ---- End output of git ls-remote "git@cookbooks.somecompany.com:some_repo.git" "1.0.0*" ----
           Ran git ls-remote "git@cookbooks.somecompany.com:some_repo.git" "1.0.0*" returned 128

           Resource Declaration:
           ---------------------
           # In /tmp/kitchen/cookbooks/version_control/definitions/some_git_repo.rb

            33:   git "/home/some_repo" do
            34:     repository "git@cookbooks.somecompany.com:some_repo.git"
            35:     revision "1.0.0"
            36:     user "root"
            37:     group "root"
            38:     ssh_wrapper "/tmp/ssh_wrapper.sh"
            39:     action :sync
            40:   end
            41:   # Remote the SSH private key

           Compiled Resource:
           ------------------
           # Declared in /tmp/kitchen/cookbooks/version_control/definitions/some_git_repo.rb:33:in `block in from_file'

           git("/home/some_repo") do
             params {:owner=>"root", :group=>"root", :mode=>"700", :revision=>"1.0.2", :path=>"/home/", :name=>"some_repo"}
             action [:sync]
             retries 0
             retry_delay 2
             default_guard_interpreter :default
             destination "/home/some_repo"
             enable_checkout true
             revision "1.0.0"
             remote "origin"
             ssh_wrapper "/tmp/ssh_wrapper.sh"
             checkout_branch "deploy"
             declared_type :git
             cookbook_name :version_control
             recipe_name "test"
             repository "git@cookbooks.somecompany.com:some_repo.git"
             user "root"
             group "root"
           end

           Platform:
           ---------
           x86_64-linux


       Running handlers:
       [2016-05-02T21:27:02+00:00] ERROR: Running exception handlers
       Running handlers complete
       [2016-05-02T21:27:02+00:00] ERROR: Exception handlers complete
       Chef Client failed. 22 resources updated in 02 minutes 10 seconds
       [2016-05-02T21:27:02+00:00] FATAL: Stacktrace dumped to /tmp/kitchen/cache/chef-stacktrace.out
       [2016-05-02T21:27:02+00:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
       [2016-05-02T21:27:02+00:00] ERROR: git[/home/some_repo] (version_control::test line 33) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '128'
       ---- Begin output of git ls-remote "git@cookbooks.somecompany.com:some_repo.git" "1.0.0*" ----
       STDOUT:
       STDERR: Host key verification failed.
       fatal: Could not read from remote repository.

       Please make sure you have the correct access rights
       and the repository exists.
       ---- End output of git ls-remote "git@cookbooks.somecompany.com:some_company.git" "1.0.0*" ----
       Ran git ls-remote "git@cookbooks.somecompany.com:some_repo.git" "1.0.0*" returned 128
       [2016-05-02T21:27:02+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)
>>>>>> Converge failed on instance <test-add-some-repo-ubuntu-1404>.
>>>>>> Please see .kitchen/logs/test-add-some-repo-ubuntu-1404.log for more details
>>>>>> ------Exception-------
>>>>>> Class: Kitchen::ActionFailed
>>>>>> Message: SSH exited (1) for command: [sh -c '

sudo -E /opt/chef/bin/chef-solo --config /tmp/kitchen/solo.rb --log_level auto --force-formatter --no-color --json-attributes /tmp/kitchen/dna.json
']
>>>>>> ----------------------

git资源的文档说ssh_wrapper属性设置GIT_SSH环境变量。当我通过test-kitchen登录到vagrant虚拟机时，运行以下命令......

GIT_SSH=/tmp/ssh_wrapper.sh git ls-remote "git@cookbooks.somecompany.com:some_repo.git" "1.0.0*"

...我可以访问存储库。

我在几个堆栈溢出帖子中尝试过这些解决方案但没有成功。 Chef git cookbook: how to fix permission denied while cloning private repo?，How to pull private git repo using chef from gitolite，Chef deploy_resource private repo, ssh deploy keys and ssh_wrapper，git error while deploying through chef

我也试过跑...

GIT_SSH=/tmp/ssh_wrapper.sh git ls-remote "git@cookbooks.somecompany.com:some_repo.git" "1.0.0*"

...使用bash并执行资源。

我不明白为什么我无法克隆此存储库。我好像错过了一些基本的东西，但我真的不知道是什么。任何帮助将不胜感激。

Answer 1

您的SSH包装器需要禁用主机密钥验证，或者您需要预先填充known_hosts文件。查看application_git cookbook，它将为您解决所有这些问题。

麻烦使用测试厨房克隆厨师私人回购

1 个答案: