How to enable minion to connect to git repository using saltstack and capistrano


I am trying to run my Rails application on EC2 using SaltStack and Capistrano.

Here's what I have successfully completed so far. Using salt cloud and the salt master, I am able to create a new minion instance and set up everything required for the application to run, i.e. Ruby, Rails, Unicorn, MySQL etc.

I have configured Capistrano properly. When I try to deploy, I see the following error.

DEBUG [ed84c6ab] Command: ( GIT_ASKPASS=/bin/echo GIT_SSH=/pathto/git-ssh.sh /usr/bin/env git ls-remote -h git@github.com:somehost/somerepo.git )
DEBUG [ed84c6ab]    Warning: Permanently added 'github.com,ip' (RSA) to the list of known hosts.
DEBUG [ed84c6ab]    Permission denied (publickey).
DEBUG [ed84c6ab]    fatal: Could not read from remote repository.
DEBUG [ed84c6ab]
DEBUG [ed84c6ab]    Please make sure you have the correct access rights
DEBUG [ed84c6ab]    and the repository exists.
DEBUG [ed84c6ab] Finished in 12.600 seconds with exit status 128 (failed).

So this means that from my local machine Capistrano is able to connect to the minion, but when it tries to check out the git repo it fails.

I know this is happening because the SSH public key of the minion is not added to GitHub.

So the goal is:

1. Run salt cloud to create the instance
2. Run salt highstate to install everything required for the app
3. Run capistrano deploy to start the application

I would like to automate the GitHub authorization process too. I mean that once the minion is created, it should be able to clone the git repo without any manual intervention.

I am confused as to whether this can be done through Capistrano or SaltStack.

There is 1 answer

bitkot (best answer)

I used GitHub SSH forwarding to achieve this. Here are the changes I made.

Steps to enable ssh forwarding for github

Then, in the Capistrano deploy.rb file, configure SSH forwarding by adding forward_agent: true

set :ssh_options, {
 user: 'user',
 auth_methods: %w(publickey),
 port: <some port>,
 forward_agent: true
}
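
A preflight for the forward_agent: true setup in the answer above, as an added example that is not part of the original answer: it checks that the local ssh-agent holds a key (forwarding an empty agent gives the same Permission denied (publickey) error as in the question) and that the forwarded key authenticates to GitHub from the deploy host. The function names, host and user are hypothetical; it assumes OpenSSH's ssh and ssh-add on the workstation.

```ruby
require 'open3'

# Runs a command; returns [combined output, exit status], or 127 if the binary is missing.
RUN = lambda do |cmd|
  out, status = Open3.capture2e(*cmd)
  [out, status.exitstatus]
rescue Errno::ENOENT
  ['', 127]
end

# Stage 1: is a local agent running with at least one key loaded?
# forward_agent: true forwards nothing if the local agent is empty.
# `ssh-add -l` exit codes: 0 = keys listed, 1 = no identities, 2 = agent unreachable.
def local_agent_status(env: ENV, runner: RUN)
  return :no_agent if env['SSH_AUTH_SOCK'].to_s.empty?

  _out, code = runner.call(%w[ssh-add -l])
  { 0 => :ok, 1 => :no_keys }.fetch(code, :agent_unreachable)
end

# Stage 2: from the deploy host, does the forwarded key authenticate to GitHub?
# GitHub never opens a shell, so judge by the message rather than the exit status.
def forwarded_github_status(host, user:, port: 22, runner: RUN)
  cmd = ['ssh', '-A', '-p', port.to_s, "#{user}@#{host}", 'ssh -T git@github.com']
  out, _code = runner.call(cmd)
  return :authenticated if out.include?('successfully authenticated')
  return :denied if out.include?('Permission denied (publickey)')
  return :host_key_unverified if out.include?('Host key verification failed')

  :unknown
end

# Runs both stages; stops at the first local problem so the cause is unambiguous.
def preflight(host, user:, port: 22, env: ENV, runner: RUN)
  local = local_agent_status(env: env, runner: runner)
  return local unless local == :ok

  forwarded_github_status(host, user: user, port: port, runner: runner)
end

if $PROGRAM_NAME == __FILE__ && ARGV.size >= 2
  # Usage: ruby preflight.rb <host> <user> [port]  (hypothetical script name; values are yours)
  puts preflight(ARGV[0], user: ARGV[1], port: (ARGV[2] || 22).to_i)
end
```

While the session is open, root on the deploy host can use the forwarded agent socket, so enable forwarding only for hosts you administer.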