Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Example playbook for cloning a private git repository with Ansible.
---
hosts: all
tasks:
- name: add github ssh key
copy: >
src=files/id_rsa.github
dest=/root/.ssh/id_rsa.github
owner=root
group=root
mode=0600
- name: configure ssh to use ansible key for github.com
template: >
src=templates/ssh_config.j2
dest=/root/.ssh/config
owner=root
group=root
mode=0644
- name: clone a private repository
git: >
repo=ssh://git@github.com/someone/example-repo.git
key_file=/root/.ssh/id_rsa.github
dest=/opt/example
# Obviously this is an example private key. Replace with your own ssh private key
# and ensure it has been added to your GitHub account.
# files/id_rsa.github
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAzoyI5fvatHZ8kjtDLr7uOtoc7dziWVAPsf6oLzzZ1Bbs7e0u
t1IR/eTakDY/NwQi9o5y0MDSDnSwPyaV4heMY6eY2lABUFU+NenW+0P53akqdGc8
ejXhhv3gbfJ+sNmdU6CNtm2lxlZ2UwJVlRTwvLARiUN/OnPudGQYD4qJ1uZQy9Lj
5j+mJMMiCOV0zX3HVrlAQHTgnUPe+yIzbC9J9rtjhBquNFLrsxgkzgWYcmUMEp+i
wO9xHOOetekrP1qV+TmkM9pSeCUjL0uBeSDtsfEKbC9He5EmLMdayDsrxtCRG8GG
EzJK3vdn4ITTqTdf82YhPhbcSwogw0/LzYrcAQIDAQABAoIBAGiXHVNoHy02uonJ
3JE1OakvfWqtaSjUs73sN/oDlEIjgcJRUlCeDGJGmq5f6c7QF2xGYbl3imari/vO
bCNazUpBOdOCo8esAp6GVMhTeZlW6hqblDJGSndy40yJeMHQ0Cvipx/zkfhHHA+Y
pQGi4uyJM7gQJ8LPpbXmYZCtFHNur9gT+XX86tpRLqEp4XMaGzaDpqEEu2qitUfy
lRQq3cyHUfWd/ccAQ966qwHlZ2KGeL9t7pVsWA/npDWXF8UfSR5a39EtTLR2S2du
HXXOajdXgfPlnCNUuOnzlUlvVmS9RYUztstWNC+KBA+5SQnAavQieYidA/a4Ruhi
fNvGgAECgYEA8fQAp8NJSJnzBz5s25qmexWRkVhp8epapSKjOx03XE9WMsna0kRM
mYX2xAdf1K4Tj+8oHdPSmlXSRcL9Lmtvb9XZ/VtgmhluKz40iRqvxP18L/InRAXm
3V7dpVxoru6ldmeGiek7KEZq5hIQW3ijmlBuuduj3mviBB2Eq4VscYECgYEA2opX
nX0fLpG9ae9TOgO2GA5fyWgp0Pk/SPnGkHSdGlK7bh/gFei6EXKFsbU51aoDq7RV
FVrA7+xz2weppryhF3/lhVXONLUms1WvbLqca2Mu0Jtzv5F9se1GTJQpgQZc64Fq
dSTKCs6/HVcPq9XZJaw+QK6pBEq4Xk4O2KWGqoECgYBbuWHqN5l3oY1FiL/h/N3y
OXoG/NqlMHAOvHPfPDM5loYaGPYQ0n2rkeK77APDb/7QiRzPOfdUNQbTFZm/2FDV
t9+9McAMi2l9kUZ/V5Oc/W/wCUAjhI1CDO2/+6lf7+7gVVzmuXmIyjFKaTy0QKbd
IHLpmL+l2YZEgyBBmgJDgQKBgBuNy8QwjWjquS4NHbo305Ku5UbYmkUd1+vUikOW
YGR8P+N/o1o/0I34mYCxb8xPtkzE3OFnYuIdNvJLwgkiyVDUMFUiX3Bn0qxTxl14
HdawV6u3nd1uc6GmX/Gx0JXS/o427/w7GjpInPIPEwvAV7OXRvYSz36aCSrivp50
KEmBAoGAHuuJPyiK8FvfWdxC7iqAw/VbUZMaknpujrI4gYRGHR1q65d4g4GbjgTf
8EGacRRMmqMGsuJIckWMPA1avC2h5C+w7BZx851HZJvuWt7YmcEuvx1KP7G3bU+h
fVQWuUcj3Cto/US5H2fE7v9+PmRsAgPe5Ozw5N+WAu12rLV//Aw=
-----END RSA PRIVATE KEY-----
# templates/ssh_config.j2
{{ ansible_managed | comment }}
Host github.com
IdentityFile /root/.ssh/id_rsa.github
IdentitiesOnly yes
@djuretic

This comment has been minimized.

Copy link

djuretic commented Sep 20, 2018

Thanks! It worked for me

@Bhanuvadlamudi

This comment has been minimized.

Copy link

Bhanuvadlamudi commented Jan 21, 2019

Hi
i am new to ansible
i want to add a new task in ansible to git pull the checked in code into ec2 instance and run small application in ec2 instance, can you please help me with that ???

@sampathpogula

This comment has been minimized.

Copy link

sampathpogula commented Feb 26, 2019

Its worked for me.Thank you

@saeed0808

This comment has been minimized.

Copy link

saeed0808 commented Mar 16, 2019

its not working for me can you help me.

@digitalbricklayer

This comment has been minimized.

Copy link

digitalbricklayer commented Mar 20, 2019

This works but only after I have done a manual git clone to the repository in question and answered yes when it asked me whether I wished to continue connecting.

The git clone command outputs this:
Cloning into 'repo name'...
The authenticity of host 'github.com (ip address of github.com)' can't be established.
RSA key fingerprint is SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
RSA key fingerprint is MD5:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
Are you sure you want to continue connecting (yes/no)?

When I answer yes, a file is created /root/.ssh/known_hosts

The next time I execute the playbook with the same VM, the git clone works fine. If I delete the /root/.ssh/known_hosts file again, it fails.

Any ideas where I went wrong?

My VM is Centos 7.4 if that makes any difference.

EDIT:
I have resolved the problem above. Adding StrictHostKeyChecking no to the ssh_config works now but according to some sources at a slight degrading of security. My edited ssh_config now looks like this:


{{ ansible_managed | comment }}

Host github.com
IdentityFile /root/.ssh/id_rsa.github
IdentitiesOnly yes
StrictHostKeyChecking no```
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.