Ansible: Install package with pip from a private git repo

Question 1

I am trying to install a package from a private git repo using ansible’s pip module this way:

- name: Install my package
  pip: name='git+ssh://git@github.com/mycompany/my-repo.git#egg=0.1.0'
       virtualenv=/path/to/venv

1

2

3

4

- name: Install my package

pip: name='git+ssh://git@github.com/mycompany/my-repo.git#egg=0.1.0'

virtualenv=/path/to/venv

But this hangs when I try to provision this with vagrant, most likely because it prompts for confirmation to add the key to the list of known hosts. Indeed when I run this in vagrant:

pip install git+ssh://git@github.com/mycompany/my-repo.git#egg=0.1.0

1 2	pip install git+ssh://git@github.com/mycompany/my-repo.git#egg=0.1.0

It prompts for confirmation to add github to the know hosts and then works fine.

If I clone it with accept_hostkey=yes:

- name: Clone repo
  git: repo=git@github.com:mycompany/my-repo.git
       dest=/path/to/dest
       accept_hostkey=yes
       recursive=no

1

2

3

4

5

6

- name: Clone repo

git: repo=git@github.com:mycompany/my-repo.git

dest=/path/to/dest

accept_hostkey=yes

recursive=no

it works fine because it accepts the host key that is copied on vagrant. With the pip module there is no such option, any way around this?
As an alternative I could do a clone and then a python setup.py install but I’d rather do that in one step with pip.

Question 2

The checkout command hangs because github.com is not among the known hosts of your Ansible user. You should add the github.com SSH key fingerprint to the /home/user/.ssh/known_hosts file. Fortunately, known_hosts is now a module available in Ansible 1.9:
http://docs.ansible.com/known_hosts_module.html

- known_hosts: path=/home/user/.ssh/known_hosts name=github.com key="|1|ba0yHIHdbaD9nswn12xSOyD8DFE=|EVZBrcr46cYcmx6qFRIrzTvWUX4= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ=="

1

2

- known_hosts: path=/home/user/.ssh/known_hosts name=github.com key="|1|ba0yHIHdbaD9nswn12xSOyD8DFE=|EVZBrcr46cYcmx6qFRIrzTvWUX4= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ=="

If you are using Ansible < 1.9, you may use standard ssh-keygen commands:

- shell: ssh-keygen -l -f /home/user/.ssh/known_hosts -F github.com
  register: github_host_is_known
- shell: ssh-keyscan -H github.com >> /home/user/.ssh/known_hosts 
  when: github_host_is_known|failed

1

2

3

4

5

- shell: ssh-keygen -l -f /home/user/.ssh/known_hosts -F github.com

register: github_host_is_known

- shell: ssh-keyscan -H github.com >> /home/user/.ssh/known_hosts

when: github_host_is_known|failed

Ansible: Install package with pip from a private git repo

Question:

Answer:

Leave a Reply Cancel reply