SSH connection fails on GitLab CI/CD

Question (votes: 0, answers: 1)

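I want to set up an environment where I

  1. develop a WordPress theme locally,
  2. push it to a GitLab repository,
  3. and then have it deployed automatically to the staging server.

At the moment I log in to the staging server, issue a pull request, and deploy from the GitLab repository. I want to automate this step, so I decided to learn how to use CI.

This is my gitlab-ci.yml ↓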


deploy-prod:
  stage: deploy

  script:
    - echo "This job deploys something from the $CI_COMMIT_BRANCH branch."    
    - ssh -i $ID_RSA -o PubkeyAcceptedKeyTypes=+ssh-rsa -o StrictHostKeyChecking=no -p $SSH_PORT -v $SERVER_USER@$SERVER_IP "cd /var/www/wp/project_name/wpcontent/themes/theme_name && git checkout main && git pull origin main && exit"

  environment: production

When it runs, I get an error log like this ↓

Running with gitlab-runner 16.3.0~beta.108.g2b6048b4 (2b6048b4)
  on green-3.saas-linux-small-amd64.runners-manager.gitlab.com/default Jhc_Jxvh, system ID: s_0e6850b2bce1
  feature flags: FF_USE_IMPROVED_URL_MASKING:true, FF_RESOLVE_FULL_TLS_CHAIN:false
Preparing the "docker+machine" executor
00:19
Using Docker executor with image ruby:3.1 ...
Pulling docker image ruby:3.1 ...
Using docker image sha256:################################# for ruby:3.1 with digest ruby@sha256:########################################### ...
Preparing environment
00:05
Running on runner-jhcjxvh-project-45805569-concurrent-0 via runner-jhcjxvh-s-l-s-amd64-1696296011-84e5f577...
Getting source from Git repository
00:01
Fetching changes with git depth set to 20...
Initialized empty Git repository in /builds/ltech4/project_name/.git/
Created fresh repository.
Checking out 0ef72ff4 as detached HEAD (ref is main)...
Skipping Git submodules setup
$ git remote set-url origin "${CI_REPOSITORY_URL}"
Executing "step_script" stage of the job script
00:03
Using docker image sha256:#################################### for ruby:3.1 with digest ruby@sha256:######################################################## ...
$ echo "This job deploys something from the $CI_COMMIT_BRANCH branch."
This job deploys something from the main branch.
$ ssh -i $STAGE_ID_RSA -o PubkeyAcceptedKeyTypes=+ssh-rsa -o StrictHostKeyChecking=no -p $SSH_PORT -v $STAGE_SERVER_USER@$STAGE_SERVER_IP "cd /var/www/wp/wp-content/themes/project_name && git checkout main && git pull origin main && exit"
OpenSSH_9.2p1 Debian-2, OpenSSL 3.0.9 30 May 2023
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
Pseudo-terminal will not be allocated because stdin is not a terminal.
debug1: Connecting to ***.***.***.*** [***.***.***.***] port **.
debug1: Connection established.
debug1: identity file /builds/ltech4/project_name.tmp/STAGE_ID_RSA type 0
debug1: identity file /builds/ltech4/project_name.tmp/STAGE_ID_RSA-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.2p1 Debian-2
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9p1 Ubuntu-3ubuntu0.3
debug1: compat_banner: match: OpenSSH_8.9p1 Ubuntu-3ubuntu0.3 pat OpenSSH* compat 0x04000000
debug1: Authenticating to **.***.***.***:** as '#####'
debug1: load_hostkeys: fopen /root/.ssh/known_hosts: No such file or directory
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: [email protected]
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:###########################
debug1: load_hostkeys: fopen /root/.ssh/known_hosts: No such file or directory
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: checking without port identifier
debug1: load_hostkeys: fopen /root/.ssh/known_hosts: No such file or directory
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SELinux support disabled
Warning: Permanently added '[***.***.***.***]:**' (ED25519) to the list of known hosts.
debug1: check_host_key: hostkey not known or explicitly trusted: disabling UpdateHostkeys
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /builds/ltech4/project_name.tmp/STAGE_ID_RSA RSA SHA256:######################################### explicit
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,[email protected],ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected]>
debug1: kex_input_ext_info: [email protected]=<0>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: /builds/ltech4/project_name.tmp/STAGE_ID_RSA RSA SHA256:############################################ explicit
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: password
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: Authentications that can continue: publickey,password
debug1: No more authentication methods to try.
######@***.***.***,***: Permission denied (publickey,password).
Cleaning up project directory and file based variables
00:01
ERROR: Job failed: exit code 1

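There seems to be a problem logging in over SSH. I would appreciate it if someone could help me solve this.

The problem seemed to be that the SSH key had a passphrase, so I temporarily disabled it, but I still get this error message.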

ssh gitlab-ci pipeline gitlab-ci-runner gitlab-ci.yml
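
The job in the question sets `StrictHostKeyChecking=no`, and the log shows the server's ED25519 host key being added to known hosts without verification. The following is an added example, not part of the original post, of the same job with host key verification kept on; it assumes a file-type CI/CD variable named `SSH_KNOWN_HOSTS` (a name chosen here) and changes host verification only, not the public key rejection shown in the log.

```yaml
# Added example: the question's deploy job with the server host key pinned.
# Assumed: SSH_KNOWN_HOSTS is a file-type CI/CD variable containing the staging
# server's known_hosts entry, obtained and verified out of band. For a
# non-default port the entry has the form "[host]:port key-type key".
deploy-prod:
  stage: deploy
  environment: production
  rules:
    - if: $CI_COMMIT_BRANCH == "main"
  script:
    # ssh refuses private key files that are readable by other users.
    - chmod 600 "$ID_RSA"
    # BatchMode=yes makes ssh fail immediately instead of falling back to
    # password prompts that a CI job cannot answer.
    # PubkeyAcceptedKeyTypes=+ssh-rsa (SHA-1 signatures) is left out: the
    # server in the log advertises rsa-sha2-256 and rsa-sha2-512.
    - >
      ssh -i "$ID_RSA"
      -o IdentitiesOnly=yes
      -o BatchMode=yes
      -o StrictHostKeyChecking=yes
      -o UserKnownHostsFile="$SSH_KNOWN_HOSTS"
      -p "$SSH_PORT" "$SERVER_USER@$SERVER_IP"
      "cd /var/www/wp/project_name/wpcontent/themes/theme_name && git checkout main && git pull --ff-only origin main"
```

With this configuration a changed or substituted host key makes the job fail instead of being accepted silently.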
1 answer

0 votes

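I don't think you should SSH from your CI - it feels messy.

There is no reason you couldn't install a self-hosted GitLab runner on the staging machine (the shell runner is the simplest).

Then create a job that references that job and runs the git commands to fetch the new theme.

This way you control the traffic from GitLab and don't need to worry about SSHing; you can let the runner handle the connection to your GitLab repository.

Alternatively, if you feel very strongly about SSHing - the GitLab runner also has an SSH executor that can connect remotely to the staging machine and run commands, although it works the same way as what I mentioned above, just with some extra configuration and steps.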
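
The approach described in this answer, as an added example that is not part of the original answer: a deploy job picked up by a runner installed on the staging machine. The tag `staging-shell`, the job name and the `THEME_DIR` variable are assumptions made for the example; the theme path is the one from the question.

```yaml
# Added example: deploy job executed by a shell-executor runner on the staging host.
# Assumed: the runner was registered with the hypothetical tag "staging-shell",
# its OS user can write to THEME_DIR, and the checkout in THEME_DIR already has
# read access to origin (for example through a read-only deploy key or token).
deploy-staging:
  stage: deploy
  tags:
    - staging-shell            # route the job to the runner on the staging machine
  rules:
    - if: $CI_COMMIT_BRANCH == "main"
  variables:
    GIT_STRATEGY: none         # the job updates an existing checkout; no CI clone is needed
    THEME_DIR: /var/www/wp/project_name/wpcontent/themes/theme_name
  environment:
    name: staging
  resource_group: staging      # run one deployment at a time
  script:
    - git -C "$THEME_DIR" checkout main
    - git -C "$THEME_DIR" pull --ff-only origin main
```

The staging server then needs no inbound SSH from CI and no private key stored in CI/CD variables. Because a shell runner executes job scripts directly on the host, register it for this project only and run it as an unprivileged user.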
