I'm using a masterless puppet install to configure my dev box and I need to clone a private repo, but vcsrepo won't run as a specific user so the wrong ssh key is being used.
According to the vcsrepo docs this should run as my non-root user:
vcsrepo { '/path/to/repo':
ensure => present,
provider => git,
source => 'git://example.com/repo.git',
user => 'blake',
}
But every time it runs I think it is still running as root because I get this error:
Error: Execution of 'git clone [email protected]:private-org/private-repo.git /home/blake/code/private-repo' returned 128: Cloning into '/home/blake/code/private-repo'...
Host key verification failed.
fatal: Could not read from remote repository.
If I manually execute git clone it works just fine so I know the correct ssh key is setup for my user account.
update 1:
Okay I added the --debug
flag but it doesn't really give any more info.
Debug: Executing 'git clone [email protected]:private-org/private-repo.git /home/blake/code/private-repo'
But I think it has something to do with my 'known_hosts' file. If the host is known it works just fine, otherwise it shows the error above. So somehow I need to figure out how to populate the 'known_hosts' file so the the vcsrepo command will work.
The Host key verification failed
error in this case has to do with a missing host in the 'known_hosts' file.
If you do a git clone
from the command line it will prompt you do add the host entry to the 'known_hosts' file, but this won't work if puppet runs the git clone
command.
To solve the problem I added the output of ssh-keyscan -t rsa github.com
to my 'known_hosts' file via puppet using the file_line type. I also turned off 'HashKnownHosts' in my .ssh/config
file.