直接拉一个Bitbucket Repo就成功了。通过管道完成时失败
Pulling a Bitbucket Repo directly is successful. Fails when done via a pipeline
我正在尝试从 bitbucket 管道部署到 Digital Ocean droplet。
通过管道时,这是不成功的,导致 permission denied (publickey) 错误。
但是,当尝试从服务器上的 shell 运行 完全相同的文件时,git 拉取成功。
考虑到它是试图从 bitbucket 中提取的同一个文件,我无法弄清楚为什么这可能会通过一种方法失败而不是另一种方法。
Bitbucket 管道失败
Pull.sh Digital Ocean Droplet
# Change to the git directory
printf "${Red}=== Repo Pull ===${Color_Off}\n"
printf "${Red}Changing Directory to 'eg-api'\n"
cd eg-api
#Pull From Repo
printf "${Red}Attempting pull from repo${Color_Off}\n"
git pull origin master
printf "${Red}Repo: Local Copy Updated${Color_Off}\n"
#Change Directory
cd refgator-api
# Starts the application
python3 refgator-api.py
直接在 droplet 上执行时成功的 repo Pull。
=== Repo Pull ===
Changing Directory to 'eg-api'
Attempting pull from repo
From bitbucket.org:[myusername]/[myrepo]
* branch master -> FETCH_HEAD
Already up to date.
Repo: Local Copy Updated
启用 -vvv
在 pull.sh
中使用 GIT_SSH_COMMAND="ssh -vvv" git pull git@bitbucket.org:myusername/myrepo.git 而不是 git pull origin master
以下是尝试从 Bitbucket 管道部署时的输出:
debug1: Authenticating to bitbucket.org:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:zzX...
debug1: read_passphrase: can't open /dev/tty: No such device or address
Host key verification failed.
fatal: Could not read from remote repository.
下面是 运行从 Digital Ocean 中下载完全相同的文件时提供的输出。
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /root/.ssh/id_rsa RSA SHA256:ebh... agent
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: /root/.ssh/id_rsa RSA SHA256:ebh... agent
debug3: sign_and_send_pubkey: RSA SHA256:ebh...
debug3: sign_and_send_pubkey: signing using ssh-rsa SHA256:ebh...
debug3: send packet: type 50
很明显,密钥通过一种方法被接受,而另一种方法则不能。
已通过修改 bitbucket 上的 deploy.sh 脚本以包含 ssh -tt 参数解决此问题。
default:
- step:
script:
- - cat ./deploy.sh | ssh root@xxx.xxx.xxx.xxx
+ - cat ./deploy.sh | ssh -tt root@xxx.xxx.xxx.xxx
- echo "Deploy step finished"
得到 this 回答的帮助
我正在尝试从 bitbucket 管道部署到 Digital Ocean droplet。
通过管道时,这是不成功的,导致 permission denied (publickey) 错误。
但是,当尝试从服务器上的 shell 运行 完全相同的文件时,git 拉取成功。
考虑到它是试图从 bitbucket 中提取的同一个文件,我无法弄清楚为什么这可能会通过一种方法失败而不是另一种方法。
Bitbucket 管道失败
Pull.sh Digital Ocean Droplet
# Change to the git directory
printf "${Red}=== Repo Pull ===${Color_Off}\n"
printf "${Red}Changing Directory to 'eg-api'\n"
cd eg-api
#Pull From Repo
printf "${Red}Attempting pull from repo${Color_Off}\n"
git pull origin master
printf "${Red}Repo: Local Copy Updated${Color_Off}\n"
#Change Directory
cd refgator-api
# Starts the application
python3 refgator-api.py
直接在 droplet 上执行时成功的 repo Pull。
=== Repo Pull ===
Changing Directory to 'eg-api'
Attempting pull from repo
From bitbucket.org:[myusername]/[myrepo]
* branch master -> FETCH_HEAD
Already up to date.
Repo: Local Copy Updated
启用 -vvv
在 pull.sh
中使用GIT_SSH_COMMAND="ssh -vvv" git pull git@bitbucket.org:myusername/myrepo.git 而不是 git pull origin master
以下是尝试从 Bitbucket 管道部署时的输出:
debug1: Authenticating to bitbucket.org:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:zzX...
debug1: read_passphrase: can't open /dev/tty: No such device or address
Host key verification failed.
fatal: Could not read from remote repository.
下面是 运行从 Digital Ocean 中下载完全相同的文件时提供的输出。
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /root/.ssh/id_rsa RSA SHA256:ebh... agent
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: /root/.ssh/id_rsa RSA SHA256:ebh... agent
debug3: sign_and_send_pubkey: RSA SHA256:ebh...
debug3: sign_and_send_pubkey: signing using ssh-rsa SHA256:ebh...
debug3: send packet: type 50
很明显,密钥通过一种方法被接受,而另一种方法则不能。
已通过修改 bitbucket 上的 deploy.sh 脚本以包含 ssh -tt 参数解决此问题。
default:
- step:
script:
- - cat ./deploy.sh | ssh root@xxx.xxx.xxx.xxx
+ - cat ./deploy.sh | ssh -tt root@xxx.xxx.xxx.xxx
- echo "Deploy step finished"
得到 this 回答的帮助