-
-
Save arbabnazar/6b9909cfba52ac066512ba5d1c1a1080 to your computer and use it in GitHub Desktop.
Example for Ansible git-module and ssh agent forwarding
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # files/env: | |
| Defaults env_keep += "SSH_AUTH_SOCK" | |
| # tasks/main.yml | |
| - name: ensure sudo keeps SSH_AUTH_SOCK in environment | |
| copy: src=env | |
| dest=/etc/sudoers.d/env | |
| mode=0440 | |
| owner=root | |
| group=root | |
| - name: clone repo from github | |
| git: repo=ssh://[email protected]/example/example-repo.git | |
| dest=/tmp/example-repo | |
| # ~/.ssh/config | |
| Host my-remote-ansible-host | |
| ForwardAgent yes | |
| # Make sure your key is added to ssh-agent |
Note that you also have to set "accept_hostkey" for ansible.builtin.git (see https://docs.ansible.com/ansible/latest/collections/ansible/builtin/git_module.html#parameter-accept_hostkey ) for the solution provided by @NorthV
I'm not sure at all why this seems to be necessary
Thanks, the adding a file to /etc/sudoers.d is a much more reassuringly idempotic way compared to editing /etc/sudoers
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Does anyone succeeded with ssh-agent forwarding and local connection?