I'm trying to set up automatic updates to my app.
I'm using ansible with ssh key verification. It all works fine on just a clone to new directory but asks for my credentials when I'm trying to update contents of existing one with earlier version of the app. The ssh key is obviously added to the repo and all of its submodules as it works while cloning and doesn't ask for password then.
I don't want to have credentials saved on the device. Here's part of the playbook responsible for git operations:
- git:
key_file: '/home/pi/ansible/key'
repo: '[email protected]:space/repo_with_submodules.git'
dest: "{{ build_dir }}"
update: yes
version: main
recursive: yes
accept_hostkey: yes
How can I make it not ask for credentials or is there any other way to just update, without cloning the whole thing that doesn't ask for password?
CodePudding user response:
In case the credentials are asked because of an HTTPS URL in .gitmodules
of your repository, try and configure first in your Ansible playbook a:
# Configures git.
---
- name: Use SSH instead of HTTPS proto
command: "git config --global url.'ssh://git@'.insteadOf https://"
sudo: no
That would force Git to always use SSH, which should work if your URLS are from BitBucket.