Roots Discourse

Can't deploy: TASK [deploy : Clone project files] - git repo cannot be accessed


#1

First let me say that yes, I’ve searched this discourse and Google and I’m unable to find a solution to this problem. I’ve regenerated keys, I’ve created new github repos, I’ve spooled up new DO droplets and no matter what I attempt to try to do to resolve this, when I get to:

TASK [deploy : Clone project files]

I receive the following error:

Cloning into '/srv/www/-redacted-.com/shared/source'...
git@github.com: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

fatal: [staging.-redacted-.com]: FAILED! => {"censored": "the output has been hidden due to the fact 
that 'no_log: true' was specified for this result"}
...ignoring

Then:

TASK [deploy : Failed connection to remote repo]

Git repo git@github.-redacted-/-redacted-.com-wordpress.git cannot be
accessed. Please verify the repository exists and you have SSH forwarding set
up correctly.
More info:
> https://roots.io/trellis/docs/deploys/#ssh-keys
> https://roots.io/trellis/docs/ssh-keys/#cloning-remote-repo-using-ssh-
agent-forwarding

fatal: [staging.-redacted-.com]: FAILED! => {"changed": false, "failed": true}

Let me point out that I’ve only begin to have these problems since I started a new project last week with the most recent version of Trellis, Bedrock and Sage. I am able to provision a server just fine but cannot deploy this specific project.

I have other projects I’m still working on with older versions of Trellis that use the same github account and I’m able to successfully deploy to those repos without incident.

I have verified that my newly generated public key (id_rsa.pub) has been added to my github account settings.

Running:

ssh -T git@github.com

Returns:

Hi -redacted-! You've successfully authenticated, but GitHub does not provide shell access.

Running:

ssh-add -l

Returns:

2048 SHA256:5/yTkpGk8OMbRZP6KWQvB4DZeMdEPfuZIhUrXWvsUoc -redacted-@MacBook-Pro-2.local (RSA)

Running:

ssh-add -K

Returns:

Identity added: /Users/-redacted-/.ssh/id_rsa (-redacted-@MacBook-Pro-2.local)

I’ve ensured that my keys for web and keys for admin contain my new key.

Running the following command succeeds:

ansible-playbook server.yml -e env=production --tags users

Attempting to rerun the ./deploy.sh continues to fail.

Manual connection, ssh admin@staging.-redacted-.com succeeds.

Running:

./bin/deploy.sh staging -redacted-.com --private-key=~/.ssh/id_rsa

Still fails at TASK [deploy : Clone project files]

I feel as if I have gone through every step to get this running. In the past I have spooled up DO droplets with Trellis over and over again without ever running into this issue.

I am running:
Vagrant 2.2.2
ansible 2.4.0.0


#2

For what it’s worth, I just finished setting up a new Trellis environment, provisioning to a new droplet successfully and attempting another deploy from a new repo which continues to fail.


#3

I’m still reading through and thinking but just a quick note to start: these entries don’t have anything to do with whether you can clone from GitHub. These only control whether you can connect to the droplet as the web or admin user which you seem to be able to just fine.


#4

I want to confirm that this is the correct Git URL. Can you paste the clone URL that GitHub itself gives you replacing only the domain name and no other part of the URL?


#5

Thanks for the response and your willingness to help.

git@github.com:username/site.com-wordpress.git

This is the correct git url above. We name our repos with the project domain, a hyphen, then the platform… ie wordpress, craft, etc…

I know we’re using the correct url… I’ve quadruple checked everything lol.
I will be out until Wednesday before I can check back on this. Thanks again!


#6

Can you confirm the contents of your ~/.ssh/config file?

And confirm that you’ve followed this guide to test and troubleshoot key forwarding?


#7

I got this once and it was because I had set staging to deploy a branch that hadn’t yet been published to GH.


#8

@MWDelaney - Yes, I followed that guide and it did not resolve the issue.

@ng3 - My staging was set to deploy to master branch, so that did not help either.

What ended up helping in the end today was to run the following commands. Not sure why this helped but it did:

sudo rm /etc/exports
sudo touch /etc/exports

vagrant halt
vagrant up