My usage of the GIT_SSH_COMMAND environment variable was leaking into the "puppet agent -t" environment and was short-circuiting vcsrepo's use of GIT_SSH.
I've patched my local copy of the vcsrepo module and have created a PR: https://github.com/puppetlabs/puppetlabs-vcsrepo/pull/435 Cheers! -m On Tue, Dec 3, 2019 at 10:56 AM Matt Zagrabelny <mzagr...@d.umn.edu> wrote: > Greetings, > > I am attempting to specify an identity with a vcsrepo resource. Such as: > > vcsrepo { '/opt/src/repository': > ensure => present, > provider => git, > revision => 'stable', > source => 'ssh://gitol...@git.example.com/repository.git', > identity => '/root/.ssh/id_rsa__gitolite_access__non_private', > } > > I'm running puppet 5.5 (Debian Buster). > > I've tried with both the (Debian) packaged version of puppetlabs vcsrepo > (1.3.2) and the most recent source release from the forge (3.0.0) and I am > getting the same results for both: > > > Error: Execution of '/usr/bin/git clone ssh:// > gitol...@git.example.com/repository.git /opt/src/repository' returned > 128: Cloning into '/opt/src/repository'... > Permission denied, please try again. > Permission denied, please try again. > gitol...@git.example.com: Permission denied (publickey,password). > fatal: Could not read from remote repository. > > Please make sure you have the correct access rights > and the repository exists. > Error: > /Stage[main]/Profile___base__gnu/Vcsrepo[/opt/src/repository]/ensure: > change from 'absent' to 'present' failed: Execution of '/usr/bin/git clone > ssh://gitol...@git.example.com/repository.git /opt/src/repository' > returned 128: Cloning into '/opt/src/repository'... > Permission denied, please try again. > Permission denied, please try again. > gitol...@git.example.com: Permission denied (publickey,password). > fatal: Could not read from remote repository. > > Please make sure you have the correct access rights > and the repository exists. > > > I can get the vcsrepo to work if I utilize the default identity file > (~/.ssh/id_rsa) or by defining the identity file to use in ~/.ssh/config. > That is, by not specifying the "identity" parameter things work as expected. > > Additionally, I can successfully clone the repo using git using the > desired identity file: > > # GIT_SSH_COMMAND="/usr/bin/ssh -i > /root/.ssh/id_rsa__gitolite_access__non_private" git clone --single-branch > --branch stable ssh://gitol...@git.example.com/repository.git > Cloning into 'repository'... > remote: Enumerating objects: 8, done. > remote: Counting objects: 100% (8/8), done. > remote: Compressing objects: 100% (6/6), done. > remote: Total 8 (delta 1), reused 0 (delta 0) > Receiving objects: 100% (8/8), done. > Resolving deltas: 100% (1/1), done. > > Has anyone had success with specifying the identity file with vcsrepo? > > Any hints, tips, or suggestions are very welcome! > > Thanks, > > -m > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAOLfK3XZr49%2Brck_kdFcgeBtt59e4J8fHbpx%2B_%2BQ%2BonxrXe_zw%40mail.gmail.com.
