How to git clone private repos within Vagrant VM, using host's SSH keys?
I'm able to use PuppetLabs vcsrepo to clone public git repos, but I'd like to also be able to clone private repos, using the host's SSH keys.
What would the configuration look like for Vagrantfile and/or manifests/default.pp in order to accomplish this?
I can't help with the Puppet part, but you can forward the SSH Agent by setting:
Vagrant.configure("2") do |config|
  config.ssh.forward_agent = true
  # ...
end
This way the SSH connections (also made by git) try to use your private keys from the host.
Works on my machine!
Vagrantfile:
VAGRANTFILE_API_VERSION = '2'
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.vm.box = 'precise64'
  config.vm.box_url = 'http://files.vagrantup.com/precise64.box'
  #
  # Use host authentication for git and maven.
  #
  # Ensure host private key is registered with host SSH agent:
  #
  # ssh-add -L
  # ssh-add ~/.ssh/id_rsa
  # ssh-add -L
  #
  config.ssh.private_key_path = ['~/.vagrant.d/insecure_private_key', '~/.ssh/id_rsa']
  config.ssh.forward_agent = true
  config.vm.synced_folder "~/.m2", "/home/vagrant/.m2"
  config.vm.provision :shell, path: 'upgrade-puppet.sh'
  # Install puppet modules
  config.vm.provision :shell, path: 'bootstrap.rb', args: %w(
    puppetlabs-stdlib
    puppetlabs/apt
    puppetlabs/vcsrepo
  )
  config.vm.provision :puppet do |puppet|
    puppet.options = ENV['PUPPET_OPTIONS']
  end
end
upgrade-puppet.sh:
#!/bin/bash
apt-get install --yes lsb-release > /dev/null
DISTRIB_CODENAME=$(lsb_release --codename --short)
DEB="puppetlabs-release-${DISTRIB_CODENAME}.deb"
DEB_PROVIDES="/etc/apt/sources.list.d/puppetlabs.list" # Assume that this file's existence means we have the Puppet Labs repo added
if [ ! -e "$DEB_PROVIDES" ]
then
    # Print statement useful for debugging, but automated runs of this will interpret any output as an error
    # print "Could not find $DEB_PROVIDES - fetching and installing $DEB"
    wget -q "http://apt.puppetlabs.com/$DEB"
    sudo dpkg -i "$DEB"
fi
sudo apt-get update > /dev/null
sudo apt-get install --yes puppet > /dev/null
mkdir -p /etc/puppet
touch /etc/puppet/hiera.yaml
bootstrap.sh:
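#!/usr/bin/env ruby
# Install each Puppet module named on the command line unless it is already present.
modules_dir = '/etc/puppet/modules'
# File.exist? replaces File.exists?, which was removed in Ruby 3.2.
puts `mkdir -p #{modules_dir}` unless File.exist? modules_dir
mods = ARGV
installed = `puppet module list`.split "\n"
mods.each do |mod|
  # `puppet module list` prints names as author-module, so normalise author/module first.
  puts `puppet module install #{mod}` unless installed.any? { |i| i.include?(mod.sub('/','-')) }
end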
manifests/default.pp:
exec { 'ssh know github':
  command => 'ssh -Tv git@github.com -o StrictHostKeyChecking=no; echo Success',
  path    => '/bin:/usr/bin',
  user    => 'vagrant'
}
vcsrepo { '/home/vagrant/a-private-repo':
  ensure   => latest,
  provider => git,
  source   => 'git@github.com:mcandre/a-private-repo.git',
  user     => 'vagrant',
  owner    => 'vagrant',
  group    => 'vagrant',
  require  => Exec['ssh know github']
}
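The exec above fills known_hosts by connecting with StrictHostKeyChecking=no, which accepts whatever host key answers first. As an added example (not part of either answer), this Ruby helper filters `ssh-keyscan`-format output down to the keys whose fingerprint matches a pinned value, so a provisioner can write known_hosts without disabling host key checking. The function names, the sample keys and the pinned value are constructed for illustration.

```ruby
require 'base64'
require 'digest'

# OpenSSH-style fingerprint: "SHA256:" + unpadded base64 of SHA-256 over the raw key blob.
def ssh_fingerprint(key_b64)
  blob = Base64.strict_decode64(key_b64) # raises ArgumentError on malformed base64
  'SHA256:' + Digest::SHA256.base64digest(blob).delete('=')
end

# Filter `ssh-keyscan`-format output ("host keytype base64key") down to the
# lines for `host` whose fingerprint is in `pinned`. Raises when nothing
# matches, so provisioning stops instead of trusting an unknown key.
def pinned_known_hosts(scan_output, host, pinned)
  matches = scan_output.each_line.map(&:strip).select do |line|
    next false if line.empty? || line.start_with?('#')
    name, _type, key = line.split(' ', 3)
    next false unless name == host && key
    begin
      pinned.include?(ssh_fingerprint(key.split.first))
    rescue ArgumentError
      false
    end
  end
  raise "no scanned key for #{host} matches a pinned fingerprint" if matches.empty?
  matches
end

# Constructed sample data: these blobs are NOT real host keys.
GOOD_KEY = Base64.strict_encode64('constructed host key blob')
ROGUE_KEY = Base64.strict_encode64('constructed unexpected key blob')
SAMPLE_SCAN = <<~SCAN
  # github.com:22 SSH-2.0-constructed
  github.com ssh-rsa #{ROGUE_KEY}
  github.com ssh-ed25519 #{GOOD_KEY}
SCAN
# Placeholder: in real use, paste the fingerprint the Git host publishes.
PINNED = [ssh_fingerprint(GOOD_KEY)].freeze

if __FILE__ == $PROGRAM_NAME
  # Prints only the verified line, ready to append to ~/.ssh/known_hosts.
  puts pinned_known_hosts(SAMPLE_SCAN, 'github.com', PINNED)
end
```

In a provisioner, the verified lines would be appended to /home/vagrant/.ssh/known_hosts before the vcsrepo resource runs, and the ssh command can then keep its default host key checking.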