Gitlab管道权限被拒绝(PublicKey)

时间:2019-11-10 01:25:35

标签: ssh gitlab-ci digital-ocean ubuntu-18.04 gitlab-ci-runner

我的gitlab管道作业无法通过SSH连接到数字海洋上的生产服务器。据我所知,我已经正确地完成了所有操作:

  1. 将公共密钥复制到生产服务器的~/.ssh/authorized_keys
  2. 运行chmod -R go= ~/.sshchown -R $USER:$USER ~/.ssh以确保正确设置了权限
  3. 将私钥复制到CI / CD设置中的PRODUCTION_PRIVATE_KEY变量中。

运行作业后,使用错误代码连接到服务器时,它仍然失败:

root@123.456.789.10: Permission denied (publickey).
ERROR: Job failed: exit code 1

这是我的 .gitlab-ci.yml:

before_script:
  - 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
  - 'apt-get update -y && apt-get -y install rsync'
  - mkdir -p ~/.ssh
  - eval $(ssh-agent -s)
  - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'

stage_deploy:
  artifacts:
    paths:
      - /
  #only run script when pushed to master branch 
  only:
    - master
  script:
    #get private key
    - ssh-add <(echo "$PRODUCTION_PRIVATE_KEY") 
    #make a _tmp directory on server **THIS IS WHERE IT FAILS**
    - ssh -p22 root@123.456.789.10 "mkdir /var/www/html/example.com_tmp"
    #copy all repo files to _tmp
    - rsync -avz --exclude=.git --exclude=src -r /builds/geochanto/example-wp/ george@123.456.789.10:/var/www/html/example.com_tmp
    #move site folder to _old, move _tmp to site
    - ssh -p22 j8rqv2sd9lt6@107.180.54.236 "mv /var/www/html/example.com/ /var/www/html/example.com_old && mv /var/www/html/example.com_tmp /var/www/html/example.com"
    #remove _old folder
    - ssh -p22 j8rqv2sd9lt6@107.180.54.236 "rm /var/www/html/example.com_old"```

0 个答案:

没有答案