Like I mentioned I've been digging like crazy. I think I just found my nice obscure cause for the problem from a post back in July 2014. It seems that having sudo:yes can cause problems with git module. I had this GIT call as part of a playbook that needed sudo for other actions so I had it on. When I turned it off all of a sudden my Test and the actual GIT pull both worked
Yeah !!! :-) The thread with the hint: https://groups.google.com/d/topic/ansible-project/FECW2fFTrKM/discussion Thanks for the help Paul On Tuesday, July 21, 2015 at 4:02:59 PM UTC-4, Paul Hardwick wrote: > > Sorry for the extra long delay in responding but I didn't your reply come > in and I had been doing the git pulls manually just to get past it. I have > been revisiting the issue since we may be moving to AWS and I've been > trying to setup some new playbook to cover everything. > > I've been relying on agent forwarding, not actually copying over the > private key. > > Public still works. But Private is still giving me fits. My playbook is > almost identical to the one you posted. Except I ran on the remote server > and not localhost > > - I verified that AgentForwarding is being used "EXEC ssh -C -tt -vvv -o > ForwardAgent=yes -" is in the log > > - If I do basically the exact same steps manually it works.(using same SSH > keypair to login to the same server) > > - "ssh -T [email protected]" works natively on the server via SSH, but fails > when run via playbook > > - name: Execute command - check SSH-key access to GitHub > command: /usr/bin/ssh -T [email protected] > > > the output with server ID obscured > TASK: [Execute command - check SSH-key access to GitHub] > ********************** > failed: [ec2-00-00-00-00.us-xxxxx-2.compute.amazonaws.com] => {"changed": > true, "cmd": ["/usr/bin/ssh", "-T", "[email protected]"], "delta": > "0:00:00.496378", "end": "2015-07-21 19:51:54.642785", "rc": 255, "start": > "2015-07-21 > 19:51:54.146407", "warnings": []} > stderr: Permission denied (publickey). > > > FATAL: all hosts have already failed -- aborting > > I am going to a Ubuntu14LTS server and running Ver1.9.2 of ansible now, > but and earlier version during my prior attempts > > Any Solid clues appreciated. I'm still digging thru the other threads but > nothing matches yet. > Paul > > > On Wednesday, February 4, 2015 at 12:36:13 PM UTC-5, tkuratomi wrote: >> >> Private repositories should work. Here's a playbook I just ran to test: >> >> --- >> - hosts: localhost >> tasks: >> - git: >> repo: [email protected]:ansible/****.git >> accept_hostkey: True >> dest: /var/tmp/private-checkout >> >> >> From the sounds of it, I think you're right about the ssh key not >> being used is the culprit. So my question would be how are you >> setting things up so that ssh key is found and used by ansible? Are >> you relying on ssh-agent forwarding or are you copying the private key >> to the remote server beforehand? Is the key available to the correct >> remote account user? etc. >> >> -Toshio >> >> On Wed, Feb 4, 2015 at 9:16 AM, Paul Hardwick <[email protected]> >> wrote: >> > OK let me try this a different way. >> > >> > First let me verify that should work for Private repositories and not >> just >> > Public ones. >> > >> > Are there any special options that need/should be added to the master >> config >> > file or as options when calling the containing Playbook? >> > >> > Any ideas or even questions that might point me in the right direction >> > appreciated. >> > >> > >> > On Friday, January 16, 2015 at 5:47:28 PM UTC-5, Paul Hardwick wrote: >> >> >> >> Hello Ansiblers, >> >> >> >> I am trying use ansible to bring in a Private GITHUB repository and am >> >> having issues and getting "Permission denied (publickey)." I've done >> some >> >> digging and checked the ideas I came across on the mailing list so >> far, but >> >> none of them have worked. >> >> >> >> - I've opened up the ports in the outbound firewall >> >> - If I do a public repo it works fine, so its not an issue reaching >> GITHUB >> >> in general just the Private repositories. >> >> - If I try to clone the Private repository manually on the destination >> >> server it works correctly >> >> - GitHub ssh-key access test ( ssh -T [email protected] ) works on box >> >> directly but fails under Ansible in a playbook using command. >> >> >> >> So it would seem like the SSH key info isn't being passed along. BTW >> I've >> >> tried the github ssh-key test both with and without SUDO auth. And it >> fails >> >> either way. The SSH-key is the same for my SSH login and github. >> >> >> >> I have included the log of the original failure and the github test >> for >> >> recognition of the users SSH-Key >> >> >> >> Any clues of things I can check or what I might be doing wrong would >> be >> >> appreciated. >> >> >> >> Thanks, >> >> Paul >> >> >> >> ================ Start - from playbook output that fails === >> >>> >> >>> TASK: [git [email protected]:GitUserName/GitRepoName.git >> >>> dest=/usr/local/GitUserName/ansible-examples-ta4 version=HEAD >> >>> accept_hostkey=yes] *** >> >>> <111.222.333.444> REMOTE_MODULE git >> >>> [email protected]:GitUserName/GitRepoName.git >> >>> dest=/usr/local/GitUserName/ansible-examples-ta4 version=HEAD >> >>> accept_hostkey=yes >> >>> failed: [bbb-sandbox-a-pub] => {"cmd": "/usr/bin/git ls-remote >> >>> [email protected]:GitUserName/GitRepoName.git -h refs/heads/HEAD", >> "failed": >> >>> true, "rc": 128} >> >>> stderr: Permission denied (publickey). >> >>> fatal: The remote end hung up unexpectedly >> >>> msg: Permission denied (publickey). >> >>> fatal: The remote end hung up unexpectedly >> >>> FATAL: all hosts have already failed -- aborting >> >> >> >> ============== End - from playbook output that fails === >> >> >> >> ================ Start - from Github SSH-key test that fails === >> >>> >> >>> TASK: [Execute command - check SSH-key access to GitHub] >> >>> ********************** >> >>> <111.222.333.444> ESTABLISH CONNECTION FOR USER: MyUbuntuUser >> >>> <111.222.333.444> REMOTE_MODULE command /usr/bin/ssh -T >> [email protected] >> >>> <111.222.333.444> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o >> >>> ControlPersist=60s -o >> >>> ControlPath="/Users/MyOSXuser/.ansible/cp/ansible-ssh-%h-%p-%r" -o >> Port=8023 >> >>> -o KbdInteractiveAuthentication=no -o >> >>> >> PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey >> -o >> >>> PasswordAuthentication=no -o User=MyUbuntuUser -o ConnectTimeout=10 >> >>> 111.222.333.444 /bin/sh -c 'mkdir -p >> >>> $HOME/.ansible/tmp/ansible-tmp-1421445689.53-55058409970052 && chmod >> a+rx >> >>> $HOME/.ansible/tmp/ansible-tmp-1421445689.53-55058409970052 && echo >> >>> $HOME/.ansible/tmp/ansible-tmp-1421445689.53-55058409970052' >> >>> <111.222.333.444> PUT >> >>> /var/folders/jv/z2wn_pn52l76vtv84tsj2yf40000gx/T/tmpodUAD4 TO >> >>> >> /home/MyUbuntuUser/.ansible/tmp/ansible-tmp-1421445689.53-55058409970052/command >> >> >> >>> <111.222.333.444> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o >> >>> ControlPersist=60s -o >> >>> ControlPath="/Users/MyOSXuser/.ansible/cp/ansible-ssh-%h-%p-%r" -o >> Port=8023 >> >>> -o KbdInteractiveAuthentication=no -o >> >>> >> PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey >> -o >> >>> PasswordAuthentication=no -o User=MyUbuntuUser -o ConnectTimeout=10 >> >>> 111.222.333.444 /bin/sh -c 'LANG=en_US.UTF-8 LC_CTYPE=en_US.UTF-8 >> >>> /usr/bin/python >> >>> >> /home/MyUbuntuUser/.ansible/tmp/ansible-tmp-1421445689.53-55058409970052/command; >> >> >> >>> rm -rf >> >>> >> /home/MyUbuntuUser/.ansible/tmp/ansible-tmp-1421445689.53-55058409970052/ >> >>> >/dev/null 2>&1' >> >>> failed: [bbb-sandbox-a-pub] => {"changed": true, "cmd": >> ["/usr/bin/ssh", >> >>> "-T", "[email protected]"], "delta": "0:00:00.113147", "end": >> "2015-01-16 >> >>> 22:01:21.784784", "rc": 255, "start": "2015-01-16 22:01:21.671637", >> >>> "warnings": []} >> >>> stderr: Permission denied (publickey). >> >>> FATAL: all hosts have already failed -- aborting >> >>> PLAY RECAP >> >>> ******************************************************************** >> >> >> >> ====================== End - from Github SSH-key test that fails === >> >> >> >> ======================= Start - ansible version info === >> >>> >> >>> $ ansible --version >> >>> ansible 1.8.2 >> >>> configured module search path = None >> >> >> >> ====================== End - ansible version info === >> >> >> > -- >> > You received this message because you are subscribed to the Google >> Groups >> > "Ansible Project" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> an >> > email to [email protected]. >> > To post to this group, send email to [email protected]. >> > To view this discussion on the web visit >> > >> https://groups.google.com/d/msgid/ansible-project/29af652d-0bed-484b-a86d-2c63dfd4b482%40googlegroups.com. >> >> >> > >> > For more options, visit https://groups.google.com/d/optout. >> > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/4181827b-1e72-4d75-8840-acf7fbd8605e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
