deploy_key

Hi,

I’m struggling a bit with a git deployment resource. There’s a bit of documentation here:

http://wiki.opscode.com/display/chef/Deploy+Resource

This hints at setting deploy_key in a data bag. However, there’s no complete example of this, and I can’t get it to work.

Here’s what I’ve currently got:

leafhopper:secondsync dan$ knife data bag show secondsync -Fj
[
“deploy_key”
]
leafhopper:secondsync dan$ knife data bag show secondsync deploy_key -Fj
{
“id”: “deploy_key”,
“deploy_key”: “-----BEGIN RSA PRIVATE KEY-----\nxxxx\n-----END RSA PRIVATE KEY-----”
}

(Obviously, that has my real private key in there! Incidentally, the body of the xxxx also contains newline characters - is that OK?)

I then have a recipe like this:

git node[:secondsync][:location] do
repository node[:secondsync][:repository]
reference node[:secondsync][:reference]
action :sync
end

I’ve got all the attributes mentioned above set, but see the following in the chef client log:

/usr/lib/ruby/gems/1.8/gems/chef-0.10.4/bin/…/lib/chef/application/client.rb:229:in run_application' /usr/lib/ruby/gems/1.8/gems/chef-0.10.4/bin/../lib/chef/application.rb:67:inrun’
/usr/lib/ruby/gems/1.8/gems/chef-0.10.4/bin/chef-client:26
/usr/bin/chef-client:19:in `load’
/usr/bin/chef-client:19
[Tue, 11 Oct 2011 17:03:08 +0100] ERROR: Running exception handlers
[Tue, 11 Oct 2011 17:03:08 +0100] FATAL: Saving node information to /var/chef/cache/failed-run-data.json
[Tue, 11 Oct 2011 17:03:08 +0100] ERROR: Exception handlers complete
[Tue, 11 Oct 2011 17:03:08 +0100] ERROR: Chef::Exceptions::ShellCommandFailed: git[/var/secondsync/staging] (secondsync::default line 15) had an error: Expected process to exit with [0], but received ‘128’
---- Begin output of git clone git@git.fezconsulting.com:ss.git /var/secondsync/staging ----
STDOUT: Initialized empty Git repository in /var/secondsync/staging/.git/
STDERR: Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password).
fatal: The remote end hung up unexpectedly
---- End output of git clone git@git.fezconsulting.com:ss.git /var/secondsync/staging ----

I can’t tell whether the private key is being used (but isn’t validating), or isn’t being used at all. I certainly can’t see how a particular git deploy resource finds the right private key to use (which leads to the question how multiple keys for different source repos are managed, of course).

Can someone point me in the right direction, please?

Cheers,
Dan


Dan Fairs | dan.fairs@gmail.com | www.fezconsulting.com