Advanced Control over Role Requirements Files (git clone ssh)

Archives Ansible Project
1

Hi,

i want to share internal organization ansible roles from our gitlab instance with my colleagues.

  1. I installed Ansible 1.8 dev from source.
  2. Created a requirements.yml.
  3. Added a repo from the gitlab instance (src: git+https://ourgitlabhost/example-group/example-role.git)
  4. Executing ansible-galaxy install -r requirements.yml

It only uses https (with git config http.sslVerify false ) to clone the repo sucessfully.

What is the right syntax to use SSH for cloning?
2

Let me make sure I understand the question …

Are you asking what to put in the requirements.yml file so that it can download the above github role?

3

Right, I want to know how I can use SSH for cloning.

doesn’t work.

4

When you say doesn’t work, please let us know what doesn’t work means.

ssh://username:password@host/path.git

Needs to know it’s SSH, basically

5

ssh://git@ourgitlabhost:example-group/example-role.git

ansible-galaxy install -r requirements.yml

  • downloading role from ssh://git@ourgitlabhost:example-group/example-role.git
  • error: failed to download the file.
  • example-role was NOT installed successfully.
  • you can use --ignore-errors to skip failed roles.
6

IIRC, an issue with role dependencies and the ansible-galaxy CLI has been recently resolved on the development branch, if you can try things with the latest (git update), that would be great.

The released version, 1.7.1 is not affected, this was a consequence of upgrading the CLI during the development branch.

7

Ansible >> ansible 1.8 (devel 8cc3543918) last updated 2014/09/07 11:14:49 (GMT +200)
Git >> 1.9.1

ssh://git@ourgitlabhost:example-group/example-role.git

ansible-galaxy install -r requirements.yml

  • downloading role from ssh://git@ourgitlabhost:example-group/example-role.git
  • error: failed to download the file.
  • example-role was NOT installed successfully.
  • you can use --ignore-errors to skip failed roles.
8

Created an issue on Github …

9

Thanks, I commented on it - I would use https:// for anonymous checkouts on GitHub but we can investigate.

10

This still doesn’t work for me , any of below :

`

  • src: git@git.example.com:ansible/ansible-zsh.git
    scm: git

  • src: git@git.example.com/ansible/ansible-zsh.git
    scm: git

  • src: ssh://git@git.example.com:ansible/ansible-zsh.git
    scm: git

  • src: ssh://git@git.example.com/ansible/ansible-zsh.git
    scm: git

  • src: git+ssh://git@git.example.com:ansible/ansible-zsh.git

  • src: git+ssh://git@git.example.com/ansible/ansible-zsh.git

`

All of the above produce “command git clone … failed”

I can successfuly run “git clone git@git.example.com:ansible/ansible-zsh.git ansible-zsh” , which gets outputed by Ansible (by using the first “src:” config above which is supposed to be incorrect syntax in the first place) :

So Ansible seems to output here something that is not in fact executing (probably it’s not using git binary)

$ ansible --version ansible 1.9.3

I’m using Gitolite and have only ssh access , no http(s) . It works ok with https on Github .

11

Solved , my bad , used sudo instead of “sudo -E” to pass SSH_AUTH_SOCK.
And it does run git binary , the string after “executing:” is the exact command that gets executed.

12

write your task something like this

Pulls the code from a remote Git repository, - name: checkout latest web app code from github git: repo=git@repo.repo.com:repo:repo.git dest=/some/location key_file= path/to/key/file accept_hostkey=yes