# Image neeeds to have ssh-client | |
image: docker:git | |
services: | |
- docker:dind | |
stages: | |
- staging | |
before_script: | |
- docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN $CI_REGISTRY | |
- mkdir -p ~/.ssh | |
# Paste the PRIVATE key into a gitlab variable. Pay attention to the linebreak at the end when pasting | |
- echo "$DEPLOY_SERVER_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa | |
- chmod 600 ~/.ssh/id_rsa | |
- eval "$(ssh-agent -s)" | |
- ssh-add ~/.ssh/id_rsa | |
- ssh-keyscan -H 'your.server.hostname' >> ~/.ssh/known_hosts | |
staging: | |
stage: staging | |
tags: | |
- docker | |
only: | |
- staging | |
script: | |
- docker build --pull -t $CI_REGISTRY_IMAGE:staging . | |
- docker push $CI_REGISTRY_IMAGE:staging | |
# your own server details here | |
- ssh $SERVER_USER@$SERVER_HOSTNAME < deploy.sh |
This comment has been minimized.
This comment has been minimized.
I don't think this part of line 13 is necessary: |
This comment has been minimized.
This comment has been minimized.
Hello, just tried and |
This comment has been minimized.
This comment has been minimized.
@wysow I managed to solve "invalid format" issue https://stackoverflow.com/a/47291376/1642477 |
This comment has been minimized.
This comment has been minimized.
@karser and how did you solve it? in that question there's nothing about fixing this issue. |
This comment has been minimized.
This comment has been minimized.
Worked perfectly, thanks!
|
This comment has been minimized.
This comment has been minimized.
Thanks @amatiash ! |
This comment has been minimized.
This comment has been minimized.
Thanks @amatiash ! |
This comment has been minimized.
This comment has been minimized.
$ echo "$TEST_SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - >/dev/null ((((( |
This comment has been minimized.
This comment has been minimized.
I had to also run this on the deployment server https://stackoverflow.com/questions/44363537/gitlab-ci-ssh-permission-denied-publickey-password
|
This comment has been minimized.
This comment has been minimized.
Probably obvious, but you need to install |
This comment has been minimized.
This comment has been minimized.
I know this is 2 years old but just wanted post what worked for me:
|
This comment has been minimized.
This comment has been minimized.
I have had the same error. |
This comment has been minimized.
This comment has been minimized.
I ran run |
This comment has been minimized.
This comment has been minimized.
Hi, there, same error, |
This comment has been minimized.
This comment has been minimized.
In case it helps someone: |
This comment has been minimized.
This comment has been minimized.
In case it helps someone: |
This comment has been minimized.
This comment has been minimized.
Hi. I've written a SSH helper for .gitlab-ci.yml. Just include: it to your .gitlab-ci.yml and then you can go with:
|
This comment has been minimized.
This comment has been minimized.
@amatiash i followed your method but i got the following response
Why does it request for passphrase? |
This comment has been minimized.
This comment has been minimized.
So now it fixes or not? |
This comment has been minimized.
This comment has been minimized.
echo ${ID_RSA_DEVELOP} > id_rsa |
This comment has been minimized.
This comment has been minimized.
我解决这个问题:
|
This comment has been minimized.
This comment has been minimized.
yo, it looks like the ssh key you created to use was created with a password, you might want to create a new ssh key that doesn't use a password. It is recommended that you don't use a password for SSH keys for server communication because it will error out the process since you can't put the password in manually when it ask for it when Gitlab's runner process is going. I had this issue a few weeks ago; so this is why I am suggesting that to you. |
This comment has been minimized.
This comment has been minimized.
this worked for me:
` |
This comment has been minimized.
This comment has been minimized.
If you need to enter the password, then you have to. I found a way how to do that. before_script:
- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
- 'which sshpass || ( apt-get update -y && apt-get install sshpass -y )'
- mkdir -p ~/.ssh
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa
- chmod 700 ~/.ssh/id_rsa
- eval $(ssh-agent -s)
- ssh-add ~/.ssh/id_rsa
- ssh-keyscan -H 'gitlab.com' >> ~/.ssh/known_hosts
- ssh-keyscan gitlab.com | sort -u - ~/.ssh/known_hosts -o ~/.ssh/known_hosts
- rm -rf .git
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
script:
- sshpass -p "<your password goes here>" ssh username@hostname "your commands" I used sshpass |
This comment has been minimized.
This comment has been minimized.
I generated ssh keys that didn't need a password so I used that code above without sshpass, but am receiving this issue:
Code:
I have been troubleshooting for hours and cannot resolve the issue. Could anyone please help? |
This comment has been minimized.
This comment has been minimized.
how can i use a different ssh port (like 2222) ?? |
This comment has been minimized.
This comment has been minimized.
useful tip, thanks |
This comment has been minimized.
This comment has been minimized.
Use
|
This comment has been minimized.
This comment has been minimized.
This did the trick! |
This comment has been minimized.
This comment has been minimized.
This worked |
This comment has been minimized.
This comment has been minimized.
It worked for me |
This comment has been minimized.
This comment has been minimized.
So sorry I can't really contribute guys cos I've moved on to other tools and things over the past few years after a short time kicking the tires on gitlab. This gist has really taken on a mind of its own. Glad it facilitated some useful discussion. |
This comment has been minimized.
This comment has been minimized.
Which tool do use you now for CI/CD? I'm tired with Jenkins, yet moved to Gitlab CI/CD but the SSH way was just too f**king dumb. |
This comment has been minimized.
This comment has been minimized.
Hey all, just tackled this today. FYI, this is how you can do git operations (i.e. tagging) from within CI as of today (variable of type 'File'): tagging_job:
stage: release
image: ubuntu
before_script:
- mkdir -p ~/.ssh
# Settings > Repository > Deploy Keys > "DEPLOY_KEY_PUBLIC" is the public key of the utitlized SSH pair (choose `Write access allowed` on creation)
# Settings > CI/CD > Variables > "DEPLOY_KEY_PRIVATE" is the private key of the utitlized SSH pair, type is 'File' and ends with empty line
- mv "$DEPLOY_KEY_PRIVATE" ~/.ssh/id_rsa
- chmod 600 ~/.ssh/id_rsa
- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client git -y )'
- eval "$(ssh-agent -s)"
- ssh-add ~/.ssh/id_rsa
- ssh-keyscan -H 'gitlab.com' >> ~/.ssh/known_hosts
script:
# try to connect to GitLab.com
- ssh git@gitlab.com
# fresh clone
- mkdir ~/source && cd $_
- git clone git@gitlab.com:$CI_PROJECT_PATH.git
- cd $CI_PROJECT_NAME
# Version tag
- git tag my-tag
- git push --tags -o ci.skip The workflow:
rules:
- if: $CI_COMMIT_TAG
when: never
- when: always Peace |
This comment has been minimized.
This comment has been minimized.
Hi Guys |
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This was exactly what is going on for me. And anyone else that feels like they need to unprotect their variable, don't do that. Just go configure your protected branches and tags to inject these variables like @richardhj said. |
This comment has been minimized.
This comment has been minimized.
is worked for me |
This comment has been minimized.
I tried the code, but have some problem