如何通过ssh shell运行程序从私有gitlab到私有服务器执行命令

时间:2019-08-19 10:48:00

标签: ssh gitlab gitlab-ci-runner

情况: Shell gitlab运行程序,配置证书,ssh连接如下:

ssh-keygen --> id_rsa & id_rsa.pub

ssh-copy-id <user>@<remotehost>

ssh <user>@<remotehost> works as designed

id_rsa -> gitlab cicd variable called 'SSH_PRIVATE_KEY'

gitlab-ci如下:


before_script:
  - echo "Before script section"
  # Install ssh-agent if not already installed, it is required by Docker.
  # (change apt-get to yum if you use a CentOS-based image)
  - 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'

  # Run ssh-agent (inside the build environment)
  - eval $(ssh-agent -s)

  # Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
  - ssh-add < ~/.ssh/id_rsa
  - ssh-add -l

build1:
  stage: build
  script:
    - echo "Pulling on Dev\n"
    - ssh -A <user>@<remotehost> 
    - hostname
    - ssh-agent bash -c 'hostname'
    - ssh-agent bash -c 'awk "NR==1{print;exit}" /etc/php7/php.ini'

并发症: 在ssh连接后通过gitlab-ci执行命令时,它似乎在gitlab机器上执行。 (php安装在ssh'ed系统上,而不是gitlab上)

请参见下面的gitlab作业输出:

...
eval $(ssh-agent -s)
Agent pid 1234
$ ssh-add < ~/.ssh/id_rsa
Identity added: /home/gitlab-runner/.ssh/id_rsa (/home/gitlab-runner/.ssh/id_rsa)
$ ssh-add -l
4096 SHA256:<KEY> /home/gitlab-runner/.ssh/id_rsa (RSA)

# same behaviour with ssh -T <user>@<ipaddress> -p <portnumber> 
$ ssh -A <user>@<ipaddress> -p <portnumber>
Pseudo-terminal will not be allocated because stdin is not a terminal.

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
$ hostname
gitlab
$ ssh-agent bash -c 'hostname'
gitlab
$ ssh-agent bash -c 'awk "NR==1{print;exit}" /etc/php7/php.ini'
awk: cannot open /etc/php7/php.ini (No such file or directory)

我需要以什么方式配置系统,以便命令实际上在ssh'ed系统上运行?

2 个答案:

答案 0 :(得分:0)

我目前正在使用一个对我来说似乎太脏的解决方案。 在gitlab-ci中,我按如下所示拉并运行phpunit 

ssh -T <user>@<remotehost>  "cd /var/www/projectfolder; git pull https://<gitlabUser>:$GITLAB_TOKEN@<privateGitlab>/<gitRepo>.git;"
ssh -T <user>@<remotehost>  "cd /var/www/projectfolder/tests; phpunit;"

即,每次我想运行一个命令时,我都会使用一个新的ssh,这对我来说似乎并不正确。欢迎任何建议!

答案 1 :(得分:0)

@til根据您的建议请求,单个ssh命令... 

ssh -T <user>@<remotehost>  "cd /var/www/projectfolder; git pull https://<gitlabUser>:$GITLAB_TOKEN@<privateGitlab>/<gitRepo>.git; cd /var/www/projectfolder/tests; phpunit;"
相关问题
最新问题