Github存储库返回在食谱中拒绝的权限
问题描述:
我想用github私有存储库为本地开发环境创建食谱。Github存储库返回在食谱中拒绝的权限
但是,当厨师试图克隆git repo时,github返回权限被拒绝的错误。
SSH转发工作,SSH_AUTH_SOCK
env由cookbook'sudo'设置。
通过vagrant ssh
,sudo ssh -T [email protected]
和sudo git clone [email protected]:myorg/myproject.git
都成功。
我该如何解决这个问题?
这是我的食谱
deploy_user = node["git_repository_to_deploy"]["deploy_user"]
ssh_known_hosts_entry 'github.com'
git "/home/#{deploy_user}/sync_folder" do
repository '[email protected]:myorg/myproject.git'
reference 'master'
action :sync
user deploy_user
group deploy_user
retries 3
end
的一部分,下面是角色[ '网络'] JSON的一部分。
{
"name": "web",
"chef_type": "role",
"json_class": "Chef::Role",
"default_attributes": {
"authorization": {
"sudo": {
"include_sudoers_d": true,
"passwordless": true,
"sudoers_defaults": [
"env_reset",
"env_keep = \"COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR\"",
"env_keep += \"LS_COLORS MAIL PS1 PS2 QTDIR USERNAME\"",
"env_keep += \"LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION\"",
"env_keep += \"LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC\"",
"env_keep += \"LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \"",
"env_keep += \"_XKB_CHARSET XAUTHORITY SSH_AUTH_SOCK\""
]
}
},
"nginx": {
"env": ["ruby"]
},
"ruby-env": {
"version": "2.3.0",
"rbenv_url": "https://github.com/sstephenson/rbenv",
"ruby-build_url": "https://github.com/sstephenson/ruby-build"
}
},
"run_list": [
"recipe[yum-epel]",
"recipe[nginx]",
"recipe[nginx-conf]",
"recipe[nodejs]",
"recipe[readline]",
"recipe[ruby-env]",
"recipe[postgresql]",
"recipe[imagemagick]",
"recipe[sudo]",
"recipe[github]",
]
}
以下是Vagrantfile。
Vagrant.configure(2) do |config|
config.vm.box = "bento/centos-6.7"
config.vm.network "private_network", ip: "192.168.33.10"
config.ssh.forward_agent = true
config.vm.synced_folder "./sync_folder", "/home/vagrant/sync_folder"
end
以下是我的〜/ .ssh/config中
Host github.com
ForwardAgent yes
当我输入
bundle exec knife solo bootstrap local-development
厨师返回此错误。
Recipe: github::default
* git[/home/vagrant/sync_folder] action sync
================================================================================
Error executing action `sync` on resource 'git[/home/vagrant/sync_folder]'
================================================================================
Mixlib::ShellOut::ShellCommandFailed
------------------------------------
Expected process to exit with [0], but received '128'
---- Begin output of git ls-remote "[email protected]:myorg/myproject.git" "master*" ----
STDOUT:
STDERR: Permission denied (publickey).
fatal: The remote end hung up unexpectedly
---- End output of git ls-remote "[email protected]:myorg/myproject.git" "master*" ----
Ran git ls-remote "[email protected]:myorg/myproject.git" "master*" returned 128
Running handlers:
[2016-03-03T09:02:23+00:00] ERROR: Running exception handlers
Running handlers complete
[2016-03-03T09:02:23+00:00] ERROR: Exception handlers complete
Chef Client failed. 8 resources updated in 25 seconds
[2016-03-03T09:02:23+00:00] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out
[2016-03-03T09:02:23+00:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
[2016-03-03T09:02:23+00:00] ERROR: git[/home/vagrant/sync_folder] (cloudtip::default line 10) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '128'
---- Begin output of git ls-remote "[email protected]:myorg/myproject.git" "master*" ----
STDOUT:
STDERR: Permission denied (publickey).
fatal: The remote end hung up unexpectedly
---- End output of git ls-remote "[email protected]:myorg/myproject.git" "master*" ----
Ran git ls-remote "[email protected]:myorg/myproject.git" "master*" returned 128
[2016-03-03T09:02:23+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)
ERROR: RuntimeError: chef-solo failed. See output above.
答
事实上,这是预期。 knife solo
不会转发您的SSH代理凭据。期望的是,您将使用Chef来部署您的部署密钥,并使用包含git
资源的SSH包装器。查看application_git
cookbook获取资源,使其更容易一些。