Roots Discourse

Connecting to remote repo during deploy in Bitbucket Pipeline

I am having issues with doing deploys from a Bitbucket Pipeline to a staging/prod server. The problem specifically is:

TASK [deploy : Clone project files] ********************************************
System info:
  Ansible 2.8.8; Linux
  Trellis Head
---------------------------------------------------
fatal: [46.101.65.29]: FAILED! => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false}
...ignoring
TASK [deploy : Remove untracked files from project folder] *********************
ok: [46.101.65.29]
TASK [deploy : Failed connection to remote repo] *******************************
System info:
  Ansible 2.8.8; Linux
  Trellis Head
---------------------------------------------------
Git repo git@bitbucket.org:clayton93/trellis.git cannot be accessed. Please
verify the repository exists and you have SSH forwarding set up correctly.
More info:
> https://roots.io/trellis/docs/deploys/#ssh-keys
> https://roots.io/trellis/docs/ssh-keys/#cloning-remote-repo-using-ssh-
agent-forwarding
fatal: [46.101.65.29]: FAILED! => {"changed": false}

It seems to be having trouble cloning the repo. The repo is the same (private) repo the Pipeline is running in. I have added the pipeline’s SSH key to the repo’s Access Keys which I hoped would solve it.

My pipeline config is:

pipelines:
  branches:
    master:
      - step:
          name: First Step
          image: misterio92/ci-php-node:3.0
          caches:
            - composer-bedrock
            - composer-sage
            - node-sage
          script:
            - cd $BITBUCKET_CLONE_DIR/trellis && echo $VAULT_PASS > .vault_pass
            - apt-get update -qy
            - apt-get install -y python-dev python-pip
            - chmod 700 /opt/atlassian/pipelines/agent/build
            - chmod 700 /opt/atlassian/pipelines/agent/build/trellis
            - cd $BITBUCKET_CLONE_DIR/trellis && pip install -r requirements.txt
            - cd $BITBUCKET_CLONE_DIR/trellis && ansible-galaxy install -r galaxy.yml
            - cd $BITBUCKET_CLONE_DIR/trellis && ./bin/deploy.sh production trellis.wearefx.uk --vault-password-file .vault_pass --inventory hosts/production

hey @Clayton_Jones I had the same issue, I spent entire week on testing; adding SSH key to user settings, then to repo settings, then to entire team of repo but nothing worked.

I have an idea tho, based on my not so far ago expierience with SSH keys - is it RSA or OpenSSH key? From what I remember I used OpenSSH key and from what I noticed some services prefer old RSA format.
But this is just guessing.

Hey @tjedrak, thanks for your response.

Yeah I have done the same in adding the Pipeline’s key to the repo and my profile but no luck. I am just using the SSH key provided by the Pipeline, which is RSA I believe.

@Clayton_Jones if that’s not a big issue for you, maybe you can switch to CircleCI.
@TangRufus created amazing Orb for deploys -> https://circleci.com/orbs/registry/orb/itinerisltd/tiller-circleci

And here is an example config for default Trellis setup ->

1 Like