Cannot specify an Identity File (Deploy Key) to use with private git repositories.

ansible / galaxy

Legacy Galaxy still available as read-only on https://old-galaxy.ansible.com - looking for the new galaxy -> https://github.com/ansible/galaxy_ng

Apache License 2.0

854 stars 328 forks source link

Cannot specify an Identity File (Deploy Key) to use with private git repositories. #337

Open peterchoo opened 6 years ago

peterchoo commented 6 years ago

We have some roles which cannot be made public, but are required in multiple projects. These repositories are accessed via Deploy Keys.

I would like to be able to specify an SSH key in the roles file for ansible-galaxy to use per role (if required), similar to how I can in the git module with the key_file argument.

chouseknecht commented 6 years ago

@peterchoo

My first thought was to use the environment variable GIT_SSH, but you wouldn't be able to set that at a per-role level when installing via requirements.yml.

A work around would be to use a playbook to run the install. The playbook task would use command to run ansible-galaxy, combined with with_items to loop over a data structure containing the role name and the SSH key path.

peterchoo commented 6 years ago

@chouseknecht Thanks for the quick response, and the possibility of using a a playbook.

It's a work around that we are currently using in one place, however it's unsatisfactory because it isn't something that we expect to do, and is added complexity. We are also using public roles available from Galaxy, and so having two places to install roles from is not the end of the world, but it is undesired.

rob0r commented 5 years ago

Would be amazing if the Ansible Galaxy requirements.yml worked similar to the git module as already mentioned.

- git:
    repo: 'ssh://git@foosball.example.org/path/to/repo.git'
    dest: /srv/checkout
    key_file: path_to_key

$workplace has a private set of Ansible repo's and at the moment, doing a hack to pull these repos down is messy.