我想为我的 Ubuntu 服务器设置 gitlab CI/CD 和 ansible。 在我的 gitlab-ci.yml 中,我有以下命令:
before_script:
- ansible --version
- mkdir secret
- echo "$ANSIBLE_SSH_KEY" > secret/ansible.key ## import ansible ssh key
- chmod 400 secret/ansible.key
- export ANSIBLE_HOST_KEY_CHECKING=False
.
.
.
script:
- cat $APP_ENV_FILE_DEV > .env
- ansible-playbook -i $DEV_INVENTORY --private-key secret/ansible.key -vvv ./ansible/playbooks/deploy.yml
在
ansible-playbook<[MASKED]> ESTABLISH SSH CONNECTION FOR USER: [MASKED]
56<[MASKED]> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o 'IdentityFile="/home/gitlab-runner/builds/z9W8_2sz/0/osint4224931/Telegram-parser/secret/ansible.key"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="[MASKED]"' -o ConnectTimeout=10 -o ControlPath=/home/gitlab-runner/.ansible/cp/49d20e7fab [MASKED] '/bin/sh -c '"'"'echo ~[MASKED] && sleep 0'"'"''
57<[MASKED]> (255, b'', b'Load key "/home/gitlab-runner/builds/z9W8_2sz/0/osint4224931/Telegram-parser/secret/ansible.key": error in libcrypto\r\n[MASKED]@[MASKED]: Permission denied (publickey).\r\n')
58fatal: [[MASKED]]: UNREACHABLE! => {
59 "changed": false,
60 "msg": "Failed to connect to the host via ssh: Load key \"/home/gitlab-runner/builds/z9W8_2sz/0/osint4224931/Telegram-parser/secret/ansible.key\": error in libcrypto\r\n[MASKED]@[MASKED]: Permission denied (publickey).",
61 "unreachable": true
62}
63PLAY RECAP *********************************************************************
64[MASKED] : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
我已经在我的Ubuntu服务器中创建了用户,并将SSH公钥添加到authorized_keys中。
当我在本地尝试通过 SSH 进入该用户时,我成功了。但当 ansible 尝试这样做时,出现了问题。如果有用的话,我的 gitlab runner 可执行文件是 shell。 我在 CI/CD 中的 DEV_INVENTORY 变量如下:
[dev]
164.90.187.121 ansible_user=deployer
除了设置 gitlab runner 之外,我在服务器中所做的唯一一件事就是下载 ansible,仅此而已。