How to git clone private repos within Vagrant VM, using host's SSH keys?

I'm able to use PuppetLabs vcsrepo to clone public git repos, but I'd like to also be able to clone private repos, using the host's SSH keys.

What would the configuration look like for Vagrantfile and/or manifests/default.pp in order to accomplish this?


I can't help with the Puppet part, but you can forward the SSH Agent by setting:

Vagrant.configure("2") do |config|
  config.ssh.forward_agent = true
  # ...
end

This way the SSH connections (also make by git) try to use your private keys from the host.


Works on my machine!

Vagrantfile:

VAGRANTFILE_API_VERSION = '2'

Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.vm.box = 'precise64'
  config.vm.box_url = 'http://files.vagrantup.com/precise64.box'

  #
  # Use host authenticaton for git and maven.
  #
  # Ensure host private key is registered with host SSH agent:
  #
  # ssh-add -L
  # ssh-add ~/.ssh/id_rsa
  # ssh-add -L
  #

  config.ssh.private_key_path = ['~/.vagrant.d/insecure_private_key', '~/.ssh/id_rsa']
  config.ssh.forward_agent = true

  config.vm.synced_folder "~/.m2", "/home/vagrant/.m2"

  config.vm.provision :shell, path: 'upgrade-puppet.sh'

  # Install puppet modules
  config.vm.provision :shell, path: 'bootstrap.rb', args: %w(
    puppetlabs-stdlib
    puppetlabs/apt
    puppetlabs/vcsrepo
  )

  config.vm.provision :puppet do |puppet|
    puppet.options = ENV['PUPPET_OPTIONS']
  end
end

upgrade-puppet.sh:

#!/bin/bash

apt-get install --yes lsb-release > /dev/null
DISTRIB_CODENAME=$(lsb_release --codename --short)
DEB="puppetlabs-release-${DISTRIB_CODENAME}.deb"
DEB_PROVIDES="/etc/apt/sources.list.d/puppetlabs.list" # Assume that this file's existence means we have the Puppet Labs repo added

if [ ! -e $DEB_PROVIDES ]
then
    # Print statement useful for debugging, but automated runs of this will interpret any output as an error
    # print "Could not find $DEB_PROVIDES - fetching and installing $DEB"
    wget -q http://apt.puppetlabs.com/$DEB
    sudo dpkg -i $DEB
fi
sudo apt-get update > /dev/null
sudo apt-get install --yes puppet > /dev/null

mkdir -p /etc/puppet
touch /etc/puppet/hiera.yaml

bootstrap.sh:

#!/usr/bin/env ruby

modules_dir = '/etc/puppet/modules'

puts `mkdir -p #{modules_dir}` unless File::exists? modules_dir

mods = ARGV

installed = `puppet module list`.split "\n"

mods.each do |mod|
  puts `puppet module install #{mod}` unless installed.any? { |i| i.include?(mod.sub('/','-')) }
end

manifests/default.pp:

exec { 'ssh know github':
  command => 'ssh -Tv [email protected] -o StrictHostKeyChecking=no; echo Success',
  path    => '/bin:/usr/bin',
  user    => 'vagrant'
}

vcsrepo { '/home/vagrant/a-private-repo':
  ensure   => latest,
  provider => git,
  source   => '[email protected]:mcandre/a-private-repo.git',
  user     => 'vagrant',
  owner    => 'vagrant',
  group    => 'vagrant',
  require  => Exec['ssh know github']
}