Distinct SSH keys don't work

Question

Distinct SSH keys don't work

Closed this issue 4 years ago · 8 comments

When creating repo specific keys in GitHub, and trying to specify them in the config file similar to the r10k structure - it doesn't work.

Example:

source:
  example:
    remote: "git@github.com:example/example-repo"
    git:
      provider: 'rugged'
      private_key: '~/example/ssh_private_key'

I tried playing around with it with no success. Is there is a easy way to implement the above?

Answer 1 · 2020-07-14T14:02:05.000Z

Can you provide your g10k command with the -debug parameter?

I could be simply that g10k does not resolve your home path ~, try using the absolute path.

Answer 2 · 2020-07-14T15:04:15.000Z

Sure,

root@pm1:/home/nclose# g10k -config test.yaml -debug
2020/07/14 16:37:07 DEBUG main(): Using as config file: test.yaml
2020/07/14 16:37:07 DEBUG readConfigfile(): Trying to read g10k config file: test.yaml
2020/07/14 16:37:07 DEBUG checkDirAndCreate(): Using as cachedir from g10k config test.yaml: /tmp/g10k
2020/07/14 16:37:07 DEBUG checkDirAndCreate(): Using as cachedir: /tmp/g10k
2020/07/14 16:37:07 DEBUG checkDirAndCreate(): Using as cachedir/forge: /tmp/g10k/forge
2020/07/14 16:37:07 DEBUG checkDirAndCreate(): Using as cachedir/modules: /tmp/g10k/modules
2020/07/14 16:37:07 DEBUG checkDirAndCreate(): Using as cachedir/environments: /tmp/g10k/environments
2020/07/14 16:37:07 DEBUG readConfigfile(): detected deploy configration hash, which takes precedence over the non-deploy scoped settings
2020/07/14 16:37:07 DEBUG checkDirAndCreate(): Using as cachedir configured value: /tmp/g10k
2020/07/14 16:37:07 DEBUG checkDirAndCreate(): Using as basedir for source sharepoint_guide: /etc/puppetlabs/code/environments/production/modules
2020/07/14 16:37:07 DEBUG Puppet environment: sharepoint_guide ({Remote:git@github.com:Nclose-ZA/sharepoint_guide.git Basedir:/etc/puppetlabs/code/environments/production/modules Prefix:true PrivateKey: ForceForgeVersions:false WarnMissingBranch:true ExitIfUnreachable:true AutoCorrectEnvironmentNames:correct_and_warn})
2020/07/14 16:37:07 DEBUG checkDirAndCreate(): Using as basedir: /etc/puppetlabs/code/environments/production/modules
2020/07/14 16:37:07 DEBUG executeCommand(): Executing git clone --mirror git@github.com:Nclose-ZA/sharepoint_guide.git /tmp/g10k/environments/sharepoint_guide.git
2020/07/14 16:37:10 Executing git clone --mirror git@github.com:Nclose-ZA/sharepoint_guide.git /tmp/g10k/environments/sharepoint_guide.git took 2.19205s
WARN: git repository git@github.com:Nclose-ZA/sharepoint_guide.git does not exist or is unreachable at this moment!
WARNING: Could not resolve git repository in source 'sharepoint_guide' (git@github.com:Nclose-ZA/sharepoint_guide.git)

Config:

---
:cachedir: '/tmp/g10k'
use_cache_fallback: false

deploy:
  purge_levels: [ 'deployment', 'environment', 'puppetfile' ]
  purge_blacklist: [ '*.pyc' ]

sources:
  sharepoint_guide:
    remote: 'git@github.com:Nclose-ZA/sharepoint_guide.git'
    basedir: '/etc/puppetlabs/code/environments/production/modules/'
    exit_if_unreachable: true
    warn_if_branch_is_missing: true
    prefix: true
    git:
      provider: 'rugged'
      private_key: '/etc/g10k/puppetmaster_ssh'
    ignore_branch_prefixes:
      - 'stage'
      - 'dev'

If I go and add that key to my ssh authentication agent, it will connect just fine and work.

Answer 3 · 2020-07-15T14:07:23.000Z

Ah, I forgot:
I explicitly removed all authentication from github.com Puppet modules/git repositories:
https://github.com/xorpaul/g10k/blob/v0.8.10/git.go#L98-L99

You're the first one that uses private github.com repositories with g10k, congratulations! ;)

r10k does work with private github.com repositories just by addin the SSH key to the r10k config?

Answer 4 · 2020-07-15T14:42:02.000Z

Ah, thanks @xorpaul :-)

My understanding that g10k is basically a fork of r10k and they "share" similar code functions. So why doesn't it work, like I specified in my example above? (I copied that syntax from the r10k documentation you linked in your readme).

Answer 5 · 2020-07-15T14:51:29.000Z

Yes, I'm trying to keep the feature set equal between r10k and g10k, but it will never be 100%

So I was right, that your source github.com repository is a private one?

I'll try to add the ssh key then for the source github.com repository as I would for non github.com Puppet modules in the Puppetfile.

Answer 6 · 2020-07-15T15:07:55.000Z

So I was right, that your source github.com repository is a private one? - Yes sir, it's private.

Thanks!

Answer 7 · 2020-07-16T16:12:51.000Z

Please try out if the new version works for you as well:

https://github.com/xorpaul/g10k/releases/tag/v0.8.11

I've managed to checkout my private test Github control repository with this.

Answer 8 · 2020-07-22T14:13:37.000Z

Thanks @xorpaul.

I will try this and revert back!