Ansible Docker Container - Clone Private Repo
我正在尝试从Docker容器中的BitBucket克隆一个私有存储库(使用Ansible)。我只想尝试使它正常工作,所以我将公钥和私钥复制到了容器中。然后运行以下命令(FWICT这是Ansible命令上的简化版本):
1 | docker exec -i web git clone [email protected]:user/repo.git |
我明白了:
1 2 3 4 5 | Cloning into 'repo'... fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. |
请注意,如果我运行:
1 | docker exec -i -t web git clone [email protected]:user/repo.git |
我得到一个TTY并提示输入SSH私钥密码(似乎Ansible无法做到这一点),并且回购被克隆。
问题是,如何在没有
我在任务中使用SSH代理转发(http://dchua.com/2016/01/15/ssh-agent-forwarding-with-your-docker-container)设法找到了解决方法,如下所示:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 | - set_fact: ssh_auth_sock:"{{ lookup('env','SSH_AUTH_SOCK') }}" - name: Create container docker_container: name:"my_container" image:"my_image" ports: - 80 volumes: -"{{ playbook_dir }}/www:/var/www" -"{{ ssh_auth_sock }}:/ssh-agent" env: SSH_AUTH_SOCK: /ssh-agent - name: Add container to inventory add_host: name:"web" ansible_connection: docker - name: Clone Repository git: repo:"[email protected]:user/repo.git" dest:"/var/www/html" accept_hostkey: true delegate_to:"web" |