ssh-keyscan do not d of gitlab job中的EC2实例公共钥匙

发布于 2025-02-07 09:52:37 字数 1104 浏览 5 评论 0原文

我在GitLab CI/CD管道上工作，该管道应将Docker容器部署到AWS EC2实例。我正在尝试实施描述的方法在这里我的一项工作正在失败，因为ssh-keyscan＆lt; ip＆gt;不起作用。我的管道看起来像这样：

...
deploy-to-staging:
    image: docker:20.10.14
    stage: deploy to staging
    needs: ["docker-stuff"]
    before_script:
        - 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )'
        - eval $(ssh-agent -s)
        - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
        - mkdir -p ~/.ssh
        - chmod 700 ~/.ssh
        - ssh-keyscan $EC2_IP >> ~/.ssh/known_hosts
        - chmod 644 ~/.ssh/known_hosts
...

它在-ssh-keyscan $ ec2_ip＆gt;＆gt;中失败。〜/.ssh/nown_host与错误：作业失败：退出代码1。

我的gitlab变量：

ssh_private_key -.pem格式的ec2键配方
ec2_ip -public ipv4 dns

我已经尝试过ssh -keyscan＆lt; ipv4 dns dns或ip＆gt;本地，并且它起作用。我还在单独的Ubuntu EC2实例上尝试了它，并且没有输出。

任何帮助将不胜感激。

原文

I work on GitLab ci/cd pipeline that should deploy docker containers to AWS ec2 instance. I'm trying to implement approach described here and one of my jobs is being failed because ssh-keyscan <ip> doesn't work.
My pipeline looks like that:

...
deploy-to-staging:
    image: docker:20.10.14
    stage: deploy to staging
    needs: ["docker-stuff"]
    before_script:
        - 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )'
        - eval $(ssh-agent -s)
        - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
        - mkdir -p ~/.ssh
        - chmod 700 ~/.ssh
        - ssh-keyscan $EC2_IP >> ~/.ssh/known_hosts
        - chmod 644 ~/.ssh/known_hosts
...

It fails at - ssh-keyscan $EC2_IP >> ~/.ssh/known_hosts line with ERROR: Job failed: exit code 1.

My GitLab varables: