我的私有项目的大多数存储库都托管在gitlab.com上的私有存储库(托管解决方案,而不是私有托管的gitlab服务器) . 这些站点托管在digitalocean VPS上 .
我想使用gitlab CI让 develop 分支上的每个提交都自动部署在测试服务器上 . 由于我已经在此测试服务器上克隆了存储库,因此自动部署的最简单方法似乎是将gitlab-ci连接到ssh服务器,并触发git pull .
gitlab-ci.yml 我现在(ssh before_script从http://docs.gitlab.com/ce/ci/ssh_keys/README.html复制) .
deploy to test:
environment: test
only:
- develop
before_script:
# Install ssh-agent if not already installed, it is required by Docker.
# (change apt-get to yum if you use a CentOS-based image)
- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
# Run ssh-agent (inside the build environment)
- eval $(ssh-agent -s)
# add ssh key stored in SSH_PRIVATE_KEY variable to the agent store
- ssh-add <(echo "$SSH_PRIVATE_KEY")
# disable host key checking (NOTE: makes you susceptible to man-in-the-middle attacks)
# WARNING: use only in docker container, if you use it with shell you will overwrite your user's ssh config
- mkdir -p ~/.ssh
- echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
script:
# Try and connect to the test server
- ssh [myname]@[mydomain.com] "cd /var/www/test.[projectname].com/ && git pull"
gitlab管道中 develop 提交的结果:
$ ssh [myname]@[mydomain.com] "cd /var/www/test.[projectname].com/ && git pull"
Warning: Permanently added '[mydomain.com],[255.255.255.255]' (ECDSA) to the list of known hosts.
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password).
ERROR: Build failed: exit code 1
我将笔记本电脑上本地用户的私钥添加到gitlab上的 SSH_PRIVATE_KEY 变量中 . 私钥应该可以工作,因为我可以从笔记本电脑连接到服务器而无需提供密码 .
有没有人有这个工作,gitlab.com工作者如何连接到ssh服务器?
1 回答
AFAIK,你不能这样做:
ssh-agent没有获得关键上下文,也没有得到FD . 您应该将密钥存储在某个临时文件中,然后将其添加到代理(如果不再需要,可能会删除该文件):