I am having trouble trying to clone a private git repository from gitolite. I am installing git 2.8.1 and using Chef 12.9. I am trying to create an SSH wrapper that the chef git resource can use to authenticate into my repository.
....
file "/tmp/ssh_wrapper.sh" do
content "#!/bin/sh\nexec /usr/bin/ssh -i #{/tmp/key.pem} \"$@\""
user "root"
group "root"
mode "0700"
action :create
end
git "/home/some_repo" do
repository "git@cookbooks.somecompany.com:some_repo.git"
revision "1.0.0"
user "root"
group "root"
ssh_wrapper "/tmp/ssh_wrapper.sh"
action :sync
end
....
I get the following error when trying to sync to the git repo using test kitchen.
================================================================================
Error executing action `sync` on resource 'git[/home/some_repo]'
=========================================================================== =====
Mixlib::ShellOut::ShellCommandFailed
------------------------------------
Expected process to exit with [0], but received '128'
---- Begin output of git ls-remote "git@cookbooks.somecompany.com:some_repo.git" "1.0.0*" ----
STDOUT:
STDERR: Host key verification failed.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
---- End output of git ls-remote "git@cookbooks.somecompany.com:some_repo.git" "1.0.0*" ----
Ran git ls-remote "git@cookbooks.somecompany.com:some_repo.git" "1.0.0*" returned 128
Resource Declaration:
---------------------
# In /tmp/kitchen/cookbooks/version_control/definitions/some_git_repo.rb
33: git "/home/some_repo" do
34: repository "git@cookbooks.somecompany.com:some_repo.git"
35: revision "1.0.0"
36: user "root"
37: group "root"
38: ssh_wrapper "/tmp/ssh_wrapper.sh"
39: action :sync
40: end
41: # Remote the SSH private key
Compiled Resource:
------------------
# Declared in /tmp/kitchen/cookbooks/version_control/definitions/some_git_repo.rb:33:in `block in from_file'
git("/home/some_repo") do
params {:owner=>"root", :group=>"root", :mode=>"700", :revision=>"1.0.2", :path=>"/home/", :name=>"some_repo"}
action [:sync]
retries 0
retry_delay 2
default_guard_interpreter :default
destination "/home/some_repo"
enable_checkout true
revision "1.0.0"
remote "origin"
ssh_wrapper "/tmp/ssh_wrapper.sh"
checkout_branch "deploy"
declared_type :git
cookbook_name :version_control
recipe_name "test"
repository "git@cookbooks.somecompany.com:some_repo.git"
user "root"
group "root"
end
Platform:
---------
x86_64-linux
Running handlers:
[2016-05-02T21:27:02+00:00] ERROR: Running exception handlers
Running handlers complete
[2016-05-02T21:27:02+00:00] ERROR: Exception handlers complete
Chef Client failed. 22 resources updated in 02 minutes 10 seconds
[2016-05-02T21:27:02+00:00] FATAL: Stacktrace dumped to /tmp/kitchen/cache/chef-stacktrace.out
[2016-05-02T21:27:02+00:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
[2016-05-02T21:27:02+00:00] ERROR: git[/home/some_repo] (version_control::test line 33) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '128'
---- Begin output of git ls-remote "git@cookbooks.somecompany.com:some_repo.git" "1.0.0*" ----
STDOUT:
STDERR: Host key verification failed.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
---- End output of git ls-remote "git@cookbooks.somecompany.com:some_company.git" "1.0.0*" ----
Ran git ls-remote "git@cookbooks.somecompany.com:some_repo.git" "1.0.0*" returned 128
[2016-05-02T21:27:02+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)
>>>>>> Converge failed on instance <test-add-some-repo-ubuntu-1404>.
>>>>>> Please see .kitchen/logs/test-add-some-repo-ubuntu-1404.log for more details
>>>>>> ------Exception-------
>>>>>> Class: Kitchen::ActionFailed
>>>>>> Message: SSH exited (1) for command: [sh -c '
sudo -E /opt/chef/bin/chef-solo --config /tmp/kitchen/solo.rb --log_level auto --force-formatter --no-color --json-attributes /tmp/kitchen/dna.json
']
>>>>>> ----------------------
The documentation for the git resource says that the ssh_wrapper property sets the GIT_SSH environment variable. When I log into the vagrant virtual machine setup by test-kitchen, and run the following command ...
GIT_SSH=/tmp/ssh_wrapper.sh git ls-remote "git@cookbooks.somecompany.com:some_repo.git" "1.0.0*"
... I am able to gain access to the repository.
I have tried the solutions in a few stack overflow posts with no success. Chef git cookbook: how to fix permission denied while cloning private repo?, How to pull private git repo using chef from gitolite, Chef deploy_resource private repo, ssh deploy keys and ssh_wrapper, git error while deploying through chef
I have also tried running ...
GIT_SSH=/tmp/ssh_wrapper.sh git ls-remote "git@cookbooks.somecompany.com:some_repo.git" "1.0.0*"
... using the bash and execute resource.
I don't understand why I am unable to clone this repository. It seems like I am missing something basic here, but I don't really know what. Any help would be much appreciated.
Your SSH wrapper needs to disable host key verification or you need to pre-populate the known_hosts file. Check out the application_git cookbook which takes care of all this for you.