In summary, When provisioning my vagrant box using Ansible, I get thrown a mysterious error when trying to clone my bitbucket private repo using ssh. The error states that the "Host key verification failed".
Yet if I vagrant ssh and then run the 'git clone' command, the private repo is successfully cloned. This indicates that the ssh forward agent is indeed working and the vagrant box can access my private key associated with the bitbucket repo.
I have been struggling for two days on this issue and am loosing my mind! Please, somebody help me!!!
Vagrantfile:
Vagrant.configure("2") do |config|
config.vm.box = "ubuntu/xenial64"
config.vm.network "private_network", ip: "192.168.33.10"
config.ssh.forward_agent = true
# Only contains ansible dependencies
config.vm.provision "shell",
inline: "sudo apt-get install python-minimal -y"
# Use ansible for all provisioning:
config.vm.provision "ansible" do |ansible|
ansible.playbook = "provisioning/playbook.yml"
end
end
My playbook.yml is as follows:
---
- hosts: all
become: true
tasks:
- name: create /var/www/ directory
file: dest=/var/www/ state=directory owner=www-data group=www-data mode=0755
- name: Add the user 'ubuntu' to group 'www-data'
user:
name: ubuntu
shell: /bin/bash
groups: www-data
append: yes
- name: Clone bitbucket repo
git:
repo: git@bitbucket.org:gustavmahler/example.com.git
dest: /var/www/poo
version: master
accept_hostkey: yes
Error Message:
vagrant provision
TASK [common : Clone bitbucket repo] *******************************************
fatal: [default]: FAILED! => {"changed": false, "cmd": "/usr/bin/git clone --origin origin '' /var/www/poo", "failed": true, "msg": "Cloning into '/var/www/poo'...\nWarning: Permanently added the RSA host key for IP address '104.192.143.3' to the list of known hosts.\r\nPermission denied (publickey).\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.", "rc": 128, "stderr": "Cloning into '/var/www/poo'...\nWarning: Permanently added the RSA host key for IP address '104.192.143.3' to the list of known hosts.\r\nPermission denied (publickey).\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.\n", "stderr_lines": ["Cloning into '/var/www/poo'...", "Warning: Permanently added the RSA host key for IP address '104.192.143.3' to the list of known hosts.", "Permission denied (publickey).", "fatal: Could not read from remote repository.", "", "Please make sure you have the correct access rights", "and the repository exists."], "stdout": "", "stdout_lines": []}
Additional Info:
- ssh-add -l on my machine does contain the associated bitbucket repo key.
- ssh-add -l inside the vagrant box does also contain the associated bitbucket repo key (through ssh-forwarding).
Yet cloning works if done manually inside the vagrant box ?:
vagrant ssh
git clone git@bitbucket.org:myusername/myprivaterepo.com.git
Then type "yes" to allow the RSA fingerprint to be added to ~/.ssh/known_hosts (as its first connection with bitbucket)
Possible solution?
I have seen in the Ansible documentation that there is a key_file: option. How would I reference the private key which is located outside the vagrant box and is passed in using ssh forwarding?
I do have multiple ssh keys for different entities inside my ~/.ssh/ Perhaps the git clone command when run by Ansible provisioning isn't selecting the correct key?
Any help is greatly appreciated and thanks for reading my nightmare.