Reputation: 1
issue with cloning private git repo with chef-solo
I am trying to use chef-solo to pull private git repo. I used following steps to create my setup.
- Create necessary data bags to encrypt private ssh keys
a. create encrypted key file
EDITOR=vim knife solo data bag create secret --secret_file=...
b. remove newline and copy to clipboard
Select cat ~/.ssh/id_rsa | tr -d '\r\n' > pbcopy
c. Edit the file with
> {
> “id”: “<app_name>”,
> “private_key”: <Private key copied from clipboard>
}
d. It correctly creates data bag and I can view it
- knife solo data bag show secrets <app_name>
- knife solo data bag show secrets <app_name> --secret-file ~/.chef/encrypted_data_bag_secret
ssh-wrapper to refer to the private key file
#!/bin/sh exec ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i "/home/ubuntu/.ssh/id_rsa" "$@"
Using git resource, checkout or clone the repo
git "#{node[:test][:base]}/test" do repository "[email protected]/test.git" reference "master" action :sync destination node[:test][:base] user "#{node[:test][:user]}" group "#{node[:test][:user]}" ssh_wrapper "#{node[:test][:base]}/.ssh/git-ssh-wrapper.sh" end
The attributes.rb file contains following
default[:test][:base] = "/home/ubuntu"
default[:test][:log_dir] = "/var/log/test"
default[:test][:loglevel] = "info"
default[:test][:user] = "ubuntu"
default[:test][:virtualenv] ="/home/ubuntu/environments/test"
default[:test][:deploy_repo] = "[email protected]:test/test.git"
default[:test][:deploy_branch] = "master"
default[:test][:deploy_dir] = "/srv/test"
In the end, when I run following command 'knife solo bootstrap ubuntu@' I observe following.
- The code gets stuck, while running "sync" action and never completes it.
- On the AWS instance, the private key id_rsa is being generated in .ssh directory, however when performing ssh-add ~/.ssh/id_rsa it asks for passphrase (even if the original ssh-keygen command did not have any password)
- On the AWS instance, performing manual git ls remote [email protected]:test fails while it's successful on local machine The authentication daemon is not running by default, so how to start it automatically?
Again, all of the above can be due to the fact that private key. However, while comparing the decrypted private key content on remote machine matches the local private key (original key without encryption).
It would be great, to get some insight into the above behavior and potential solution.
Upvotes: 0
Views: 268
Answers (0)
Related Questions
- Test Kitchen failing when cloning a private repo
- How to automate cloning private GitHub with Chef
- Chef running git clone results in host key verification error
- Checkout git repo with chef with ssh key
- Troubles Cloning a Chef Private Repo Using Test Kitchen
- How to use deploy ssh key to clone private repos using Chef 12 on AWS OpsWorks
- vagrant + chef setup trying to git clone into synced folder
- Can't run chef-solo command through ssh
- Deploying a private repo in Chef: What am I doing wrong with my deploy key?
- How to pull private git repo using chef from gitolite