Example playbook for cloning a private git repository with Ansible.

ansible-github.yml

---

hosts: all
tasks:
  - name: add github ssh key
    copy: >
      src=files/id_rsa.github
      dest=/root/.ssh/id_rsa.github
      owner=root
      group=root
      mode=0600
  
  - name: configure ssh to use ansible key for github.com
    template: >
      src=templates/ssh_config.j2
      dest=/root/.ssh/config
      owner=root
      group=root
      mode=0644
      
  - name: clone a private repository
    git: >
      repo=ssh://git@github.com/someone/example-repo.git
      key_file=/root/.ssh/id_rsa.github
      dest=/opt/example

id_rsa.github

# Obviously this is an example private key. Replace with your own ssh private key
# and ensure it has been added to your GitHub account.

# files/id_rsa.github

-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAzoyI5fvatHZ8kjtDLr7uOtoc7dziWVAPsf6oLzzZ1Bbs7e0u
t1IR/eTakDY/NwQi9o5y0MDSDnSwPyaV4heMY6eY2lABUFU+NenW+0P53akqdGc8
ejXhhv3gbfJ+sNmdU6CNtm2lxlZ2UwJVlRTwvLARiUN/OnPudGQYD4qJ1uZQy9Lj
5j+mJMMiCOV0zX3HVrlAQHTgnUPe+yIzbC9J9rtjhBquNFLrsxgkzgWYcmUMEp+i
wO9xHOOetekrP1qV+TmkM9pSeCUjL0uBeSDtsfEKbC9He5EmLMdayDsrxtCRG8GG
EzJK3vdn4ITTqTdf82YhPhbcSwogw0/LzYrcAQIDAQABAoIBAGiXHVNoHy02uonJ
3JE1OakvfWqtaSjUs73sN/oDlEIjgcJRUlCeDGJGmq5f6c7QF2xGYbl3imari/vO
bCNazUpBOdOCo8esAp6GVMhTeZlW6hqblDJGSndy40yJeMHQ0Cvipx/zkfhHHA+Y
pQGi4uyJM7gQJ8LPpbXmYZCtFHNur9gT+XX86tpRLqEp4XMaGzaDpqEEu2qitUfy
lRQq3cyHUfWd/ccAQ966qwHlZ2KGeL9t7pVsWA/npDWXF8UfSR5a39EtTLR2S2du
HXXOajdXgfPlnCNUuOnzlUlvVmS9RYUztstWNC+KBA+5SQnAavQieYidA/a4Ruhi
fNvGgAECgYEA8fQAp8NJSJnzBz5s25qmexWRkVhp8epapSKjOx03XE9WMsna0kRM
mYX2xAdf1K4Tj+8oHdPSmlXSRcL9Lmtvb9XZ/VtgmhluKz40iRqvxP18L/InRAXm
3V7dpVxoru6ldmeGiek7KEZq5hIQW3ijmlBuuduj3mviBB2Eq4VscYECgYEA2opX
nX0fLpG9ae9TOgO2GA5fyWgp0Pk/SPnGkHSdGlK7bh/gFei6EXKFsbU51aoDq7RV
FVrA7+xz2weppryhF3/lhVXONLUms1WvbLqca2Mu0Jtzv5F9se1GTJQpgQZc64Fq
dSTKCs6/HVcPq9XZJaw+QK6pBEq4Xk4O2KWGqoECgYBbuWHqN5l3oY1FiL/h/N3y
OXoG/NqlMHAOvHPfPDM5loYaGPYQ0n2rkeK77APDb/7QiRzPOfdUNQbTFZm/2FDV
t9+9McAMi2l9kUZ/V5Oc/W/wCUAjhI1CDO2/+6lf7+7gVVzmuXmIyjFKaTy0QKbd
IHLpmL+l2YZEgyBBmgJDgQKBgBuNy8QwjWjquS4NHbo305Ku5UbYmkUd1+vUikOW
YGR8P+N/o1o/0I34mYCxb8xPtkzE3OFnYuIdNvJLwgkiyVDUMFUiX3Bn0qxTxl14
HdawV6u3nd1uc6GmX/Gx0JXS/o427/w7GjpInPIPEwvAV7OXRvYSz36aCSrivp50
KEmBAoGAHuuJPyiK8FvfWdxC7iqAw/VbUZMaknpujrI4gYRGHR1q65d4g4GbjgTf
8EGacRRMmqMGsuJIckWMPA1avC2h5C+w7BZx851HZJvuWt7YmcEuvx1KP7G3bU+h
fVQWuUcj3Cto/US5H2fE7v9+PmRsAgPe5Ozw5N+WAu12rLV//Aw=
-----END RSA PRIVATE KEY-----

ssh_config.j2

# templates/ssh_config.j2

{{ ansible_managed | comment }}

Host github.com
IdentityFile /root/.ssh/id_rsa.github
IdentitiesOnly yes

Its worked for me.Thank you

its not working for me can you help me.

This works but only after I have done a manual git clone to the repository in question and answered yes when it asked me whether I wished to continue connecting.

The git clone command outputs this:
Cloning into 'repo name'...
The authenticity of host 'github.com (ip address of github.com)' can't be established.
RSA key fingerprint is SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
RSA key fingerprint is MD5:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
Are you sure you want to continue connecting (yes/no)?

When I answer yes, a file is created /root/.ssh/known_hosts

The next time I execute the playbook with the same VM, the git clone works fine. If I delete the /root/.ssh/known_hosts file again, it fails.

Any ideas where I went wrong?

My VM is Centos 7.4 if that makes any difference.

EDIT:
I have resolved the problem above. Adding StrictHostKeyChecking no to the ssh_config works now but according to some sources at a slight degrading of security. My edited ssh_config now looks like this:

{{ ansible_managed | comment }}

Host github.com
IdentityFile /root/.ssh/id_rsa.github
IdentitiesOnly yes
StrictHostKeyChecking no```

Hello, if my user is normal user who doesn't have root permission to access /root/.ssh, what can we do?

@digitalbricklayer - the Ansible docs have a note about hanging now. Still - i ended up having to do a manual checkout as you suggested.

new to ansible. i can remote into the host and just 'git clone ' and it pulls the repo no problems. what am i missing? I've disable strickHostKeyChecking and still no joy via ansible.

fatal: [104.248.127.247]: FAILED! => {"changed": false, "cmd": "/usr/bin/git clone --origin origin 'ssh:********@github.com:svendavison/ansible-for-keeps.git' /data/ansible-crap/repos", "msg": "ssh: Could not resolve hostname github.com:svendavison: Name or service not known\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.", "rc": 128, "stderr": "ssh: Could not resolve hostname github.com:svendavison: Name or service not known\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.\n", "stderr_lines": ["ssh: Could not resolve hostname github.com:svendavison: Name or service not known", "fatal: Could not read from remote repository.", "", "Please make sure you have the correct access rights", "and the repository exists."], "stdout": "Cloning into '/data/ansible-crap/repos'...\n", "stdout_lines": ["Cloning into '/data/ansible-crap/repos'..."]}

Double check your repository url. Looks a bit odd at a glance. Sent from a mobile device!

…

On 23 Dec 2019, at 21:51, Sven Davison ***@***.***> wrote:  new to ansible. i can remote into the host and just 'git clone ' and it pulls the repo no problems. what am i missing? fatal: [104.248.127.247]: FAILED! => {"changed": false, "cmd": "/usr/bin/git clone --origin origin ***@***.***:svendavison/ansible-for-keeps.git' /data/ansible-crap/repos", "msg": "ssh: Could not resolve hostname github.com:svendavison: Name or service not known\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.", "rc": 128, "stderr": "ssh: Could not resolve hostname github.com:svendavison: Name or service not known\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.\n", "stderr_lines": ["ssh: Could not resolve hostname github.com:svendavison: Name or service not known", "fatal: Could not read from remote repository.", "", "Please make sure you have the correct access rights", "and the repository exists."], "stdout": "Cloning into '/data/ansible-crap/repos'...\n", "stdout_lines": ["Cloning into '/data/ansible-crap/repos'..."]} — You are receiving this because you commented. Reply to this email directly, view it on GitHub, or unsubscribe.

Yep. They fixed it. I blindly took a couple examples and didn’t sanitize/validate them. I’m good now thanks!

…

-Sven Davison (sent from my iPhone)

On Dec 24, 2019, at 3:07 AM, Stephen Wolff ***@***.***> wrote: Double check your repository url. Looks a bit odd at a glance. Sent from a mobile device! > On 23 Dec 2019, at 21:51, Sven Davison ***@***.***> wrote: > >  > new to ansible. i can remote into the host and just 'git clone ' and it pulls the repo no problems. what am i missing? > > fatal: [104.248.127.247]: FAILED! => {"changed": false, "cmd": "/usr/bin/git clone --origin origin ***@***.***:svendavison/ansible-for-keeps.git' /data/ansible-crap/repos", "msg": "ssh: Could not resolve hostname github.com:svendavison: Name or service not known\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.", "rc": 128, "stderr": "ssh: Could not resolve hostname github.com:svendavison: Name or service not known\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.\n", "stderr_lines": ["ssh: Could not resolve hostname github.com:svendavison: Name or service not known", "fatal: Could not read from remote repository.", "", "Please make sure you have the correct access rights", "and the repository exists."], "stdout": "Cloning into '/data/ansible-crap/repos'...\n", "stdout_lines": ["Cloning into '/data/ansible-crap/repos'..."]} > > — > You are receiving this because you commented. > Reply to this email directly, view it on GitHub, or unsubscribe. — You are receiving this because you commented. Reply to this email directly, view it on GitHub, or unsubscribe.

it worked for me thanks a lot

Help me with this one ansible/ansible#67416

how to write playbook to git repo cloneing, i am facing errors