-1

I was trying to deploy the master branch via ssh, but after following the steps: https://medium.com/@hfally/a-gitlab-ci-config-to-deploy-to-your-server-via-ssh-43bf3cf93775 got:

image

my script:

before_script:
  - sudo apt-get update -qq
  - sudo apt-get install -qq git
  # Setup SSH deploy keys
  - 'which ssh-agent || (sudo apt-get install -qq openssh-client )'
  - eval $(ssh-agent -s)
  - ssh-add <(echo "$SSH_PRIVATE_KEY")
  - mkdir -p ~/.ssh
  - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
    
deploy_staging:
  type: deploy
  environment:
    name: staging
    url: serverIp
  script:
    - ssh -t -t user@serverIp "cd var/www/ && git checkout master && git pull origin master && exit"
  only:
    - master

Yes, I already generated a private ssh key, saved it in the SSH_PRIVATE_KEY variable, I went to ~/.ssh/authorized_keys and put the public key there, I already entered the server on which Runner is installed and gave ssh user@serverIp and entered, but in the pipeline it always generates this error, I even considered putting ssh-keygen in the pipeline, but because input is needed, it didn't work

NOTE:

  • I changed the real ip for "serverIp" and the user just to illustrate
  • I don't speak English, so I used Google Translate, it may be that the text got confused.
Kristian
  • 2,456
  • 8
  • 23
  • 23
João Vitor
  • 1
  • 3
  • have you tried ```ssh -t -t user@serverIp "cd /var/www/"``` from your computer/PC/laptop? – Kristian Feb 26 '21 at 03:00
  • https://stackoverflow.com/search?q=%5Bgit%5D+%5Bssh%5D+Host+key+verification+failed – phd Feb 26 '21 at 10:57
  • "*Host key verification failed.*" is about **host** key, not user key. – phd Feb 26 '21 at 10:58
  • @Kristian I tried ssh -t -t user @ serverIp and entered. The complete command returned the logout, I believe it was due to the "exit". Anyway I tested ssh -t -t user @ serverIp in the pipeline and got the same error: "Host key verification failed" – João Vitor Feb 26 '21 at 16:19

1 Answers1

1

I would not recommend to turn off hostKeyVerification as you want to be sure to which server you are connecting etc.

Instead i would recommend to configure a CI Variable named KNOWN_HOSTS containing all your hostnames separated on new lines like

host1.com
host2.com

Than you can add following script in your .gitlab-ci.yml to add the host keys automatically, if the environment variable is set. It uses ssh-keyscan to add all the keys to your known hosts file.

- echo "Configuring known hosts based on the CI Variable `KNOWN_HOSTS`"
- |
  [[ ! -z "$KNOWN_HOSTS" ]] && echo "$KNOWN_HOSTS" | xargs -n 1 -I '{}' ssh-keyscan '{}' >> $HOME/.ssh/known_hosts || echo "KNOWN_HOSTS not set"
Simon Schrottner
  • 4,146
  • 1
  • 24
  • 36
  • I put in ```deploy_staging:``` in the script before the ssh request and I got: "This GitLab CI configuration is invalid: (): did not find expected alphabetic or numeric character while scanning an anchor at line 40 column 33 Learn more" – João Vitor Feb 26 '21 at 16:16