[chef] Question regarding the git LWRP

["Villa, Juan" < >]

Hey Guys,

Recently I started messing around with Chef and have been working on putting together a set of recipes to deploy applications from a private Git repository (currently using Bitbucket). I have created one recipe that will create a deployment user, generate a private/public key pair, and make an API request to bitbucket to register the key as a deployment key. I then have the application specific recipes that will clone from the private repository, compile, and install the application.

I am having an issue with cloning from the private repository with Chef. The chef “git” LWRP allows me to specify a “user” attribute, but it does not seem to be working the way I think It does. I was expect this “user” attribute to be the username on the machine that will execute the “git clone” command (therefor using the private ssh key installed previously). Here’s how I am doing this:

# configure bitbucket

node.override['bitbucket-deploy']['deploy_username'] = “deploy-app1"

node.override['bitbucket-deploy']['bitbucket_account'] = “xxxxx"

node.override['bitbucket-deploy']['bitbucket_username'] = “xxxxx"

node.override['bitbucket-deploy']['bitbucket_password'] = “xxxxx"

node.override['bitbucket-deploy']['bitbucket_repository'] = “app1"

# install recipes

# NOTE: the bitbucket-deploy recipe will create the deploy user, create a private/public SSH key pair, and register the public key as a deploy key with bitbucket.

include_recipe("bitbucket-deploy")

include_recipe("golang")

include_recipe("supervisor")

# create dirs

directory "#{node['go']['gopath']}/src/bitbucket.org/xxxxx/app1" do

user node['bitbucket-deploy']['deploy_username']

mode 0755

recursive true

end

# clone app1 source

git "#{node['go']['gopath']}/src/bitbucket.org/xxxxx/app1" do

user node['bitbucket-deploy']['deploy_username']

repository node[‘xxxxx']['git_repository']

reference node[‘xxxxx']['git_revision']

action :sync

end

When chef executes this recipe it fails with:

Permission denied (publickey). fatal: The remote end hung up unexpectedly

If I manually SSH into the machine as the deploy user and perform a “git clone” myself it works perfectly. It seems like chef is not using the user I specify in the “user” attribute of the LWRP. I know the LWRP is compiling with the correct attributes:

Compiled Resource:

------------------

# Declared in /var/chef/cache/cookbooks/xxxxx/recipes/default.rb:30:in `from_file'

git("/opt/go/src/bitbucket.org/xxxxx/app1") do

  provider Chef::Provider::Git

  action [:sync]

  retries 0

  retry_delay 2

  destination "/opt/go/src/bitbucket.org/xxxxx/app1"

  revision "HEAD"

  remote "origin"

  cookbook_name “xxxxx"

  recipe_name "default"

  user “deploy-app1"

  repository " :xxxxx/app1.git"

end

Am I doing something wrong here? Did I misunderstand the meaning of the “user” attribute?

Thanks!

---- 

Juan Villa