We are attempting to set up CD for an existing application that uses Capistrano to deploy to EC2. Currently, the deploy fails early when running the command git ls-remote --heads git@github.com:my-org/my-repo:
** Execute git:check
INFO [28b2624a] Running /usr/bin/env git ls-remote --heads git@github.com:my-org/my-repo.git as ubuntu@server.ip.address
DEBUG [28b2624a] Command: ( export GIT_ASKPASS="/bin/echo" GIT_SSH="/tmp/appname/git-ssh.sh" ; /usr/bin/env git ls-remote --heads git@github.com:my-org/my-repo.git )
DEBUG [28b2624a] Permission denied (publickey).
DEBUG [28b2624a] fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
cap aborted!
We’ve added some extra debug tasks to see if SSH agent forwarding is working, and I can see the GitHub deploy key and the key for EC2 running through Capistrano on the EC2 server using ssh-add -L. I can even have a Capistrano step run ssh -T git@github.com and I get the expected response of Hi org-name/softwareteam! You've successfully authenticated, but GitHub does not provide shell access.
Things get weird when I debug a build using SSH. Attempting to deploy fails in the Circle SSH environment unless we run ssh-add -D and then ssh-add the keys in ~/.ssh/, at which point cap staging deploy is successful. Adding these commands to the deploy step in circle.yml does not resolve anything.
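One way to check which identity GitHub resolves for each key in the forwarded agent: ssh offers agent keys in order, and the ssh -T greeting names the user or, for a deploy key, the owner/repo it is attached to. This is an added example, not part of the original post; the function names and the constructed greeting are assumptions, and the --live mode needs a running agent and network access.

```shell
#!/bin/sh
# Added example, not from the original post; function names are hypothetical.

# "git@github.com:my-org/my-repo.git" -> "my-org/my-repo"
repo_from_remote() {
  printf '%s\n' "$1" | sed -e 's|^.*github\.com[:/]||' -e 's|\.git$||'
}

# Pull the identity GitHub resolved out of the ssh -T greeting (empty if none).
greeting_identity() {
  printf '%s\n' "$1" | sed -n 's/^Hi \([^!]*\)! You.*$/\1/p'
}

# $1 = remote URL, $2 = ssh -T output. Prints one verdict:
#   match      deploy key attached to the repository being deployed
#   other-repo deploy key attached to a different repository
#   user       user account key; repo access is not visible in the greeting
#   denied     GitHub did not accept the key
classify_key() {
  want=$(repo_from_remote "$1"); got=$(greeting_identity "$2")
  case "$got" in
    "")      echo denied ;;
    "$want") echo match ;;
    */*)     echo other-repo ;;
    *)       echo user ;;
  esac
}

# Offer each agent key to GitHub on its own, in the order ssh would try them.
audit_agent_keys() {  # $1 = remote URL
  tmp=$(mktemp -d) || return 1
  n=0
  ssh-add -L | grep -E '^(ssh|ecdsa|sk)-' | while IFS= read -r pub; do
    n=$((n + 1)); printf '%s\n' "$pub" > "$tmp/key$n.pub"
    # IdentitiesOnly plus a .pub IdentityFile limits ssh to this one agent key
    out=$(ssh -T -o BatchMode=yes -o IdentitiesOnly=yes \
              -i "$tmp/key$n.pub" git@github.com 2>&1 </dev/null) || true
    fp=$(ssh-keygen -lf "$tmp/key$n.pub" | awk '{print $2}')
    printf '%d %s %s\n' "$n" "$fp" "$(classify_key "$1" "$out")"
  done
  rm -rf "$tmp"
}

if [ "${1:-}" = "--live" ]; then
  audit_agent_keys "$2"       # e.g. --live git@github.com:my-org/my-repo.git
else
  # Constructed greeting, so the default run works offline
  classify_key "git@github.com:my-org/my-repo.git" \
    "Hi example-org/other-repo! You've successfully authenticated."
fi
```

Running it with --live inside the CI SSH session and again from a Capistrano task on the server shows whether the first key offered in each environment is one that is attached to the repository being deployed.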