GIT over SSH in Ansible hangs, eventhough ssh-agent forwarding is set up

I have set up everyhing I could find, but still cloning a repo from GitHub hangs the provisioning process.

I have:

  • server in known_hosts
  • .ssh/config

    Host github.com
      ForwardAgent yes
      StrictHostKeyChecking no
    
  • copied private key

  • public key is in authorized_keys
  • the command runs as vagrant user
  • the play is:

    - name: Checkout from git
      git: repo=git@github.com:username/repositoryname.git dest=/srv/website
    

Answers


Just to expand on tillda's answer, that config can be placed in an ansible.cfg file alongside your playbook. e.g.:

ansible.cfg

[defaults]
transport = ssh

[ssh_connection]
ssh_args = -o ForwardAgent=yes

I'd say it's better to do that than setting as an env variable, as placing it in a conf file is both more declarative and also will minimise the steps needed for other people you may be working with to going with a project.

Conf docs: http://docs.ansible.com/intro_configuration.html#the-ansible-configuration-file

Example config file: https://raw.github.com/ansible/ansible/devel/examples/ansible.cfg


I want to share the answer that worked for me:

https://groups.google.com/forum/#!msg/ansible-project/u6o-sWynMjo/69UwJfJPq7cJ - From Ansible Google Group

For ansible, ssh-add to load ssh keys in your host machine first. Then use "ssh" as connection type with forwarding enabled.

Such as:

$ ssh-add  
$ export ANSIBLE_TRANSPORT="ssh"  
$ export  ANSIBLE_SSH_ARGS="-o ForwardAgent=yes"

See manual for ssh-add for running the agent.

The Ansible docs for ssh-args are http://docs.ansible.com/intro_configuration.html#ssh-args


this works for me

- name: ensure known hosts
  shell: touch ~/.ssh/known_hosts
- name: remove github.com from known host
  shell: ssh-keygen -R github.com
  # >> instead of > to keep existing known_hosts file
- name: ensure github.com in known host
  shell: ssh-keyscan -H github.com >> ~/.ssh/known_hosts

Add to ansible.cfg the following parameter:

[defaults]
sudo_flags=-HE

In my case the issue was the repository string. I had a bitbucket private repository set as:

git@tsrs...

but it should be:

ssh://git@tsrs...

Notice the subtle absence of the prefix "ssh". The weird part is that if I clone a github repository without the "ssh", it works fine!


I had an error :

bitbucket.org has an unknown hostkey. Set accept_hostkey to True or manually add the hostkey prior to running the git module

I had to add a accept_hostkey parameter to my git module command :

playbook :

tasks:
    - name: clone
      git: repo=git@bitbucket.org:robusta-code/xyz.git
           dest=/app
           accept_hostkey=yes

ansible.cfg

[ssh_connection]
ssh_args = -o ForwardAgent=yes

Need Your Help

XML Parsing With AsyncTask

java android xml parsing android-asynctask

I want to take currency from specific Url but AsyncTask is giving me runtime error: I couldn't find what I have to do.

Altering fields via return values vs. altering fields by referencing them within methods?

java performance methods field parameter-passing

Let's say I have a private integer x as a field in class Example, and I want to set this integer to 1. There are two ways I am going about doing this at the moment: