12

I have a Gitlab environment using Gitlab CI, for a new project to testify about the compiled files and copy via rsync to a production server.

The machine where the build of these resources is exec is an image of docker (node 6), but now I have to copy the resulting files from that container Docker command to the server using linux ... My problem is to connect via ssh through rsync.

Currently I have the following:

stages:
  - deploy

before_script:
    - npm i
    - npm run build

job_deploy:
  stage: deploy
  script:
    - ssh-keygen -t rsa -b 4096 -C '' -f ~/.ssh/deploy_rsa
    - ssh-keyscan -H 8.8.8.8 >> ~/.ssh/known_hosts
    - ssh-copy-id -i ~/.ssh/deploy_rsa.pub $SERVER_USER@8.8.8.8
    - rsync -avuz $CI_PROJECT_DIR/dist/ $SERVER_USER@8.8.8.8:/var/wwww/example.com
  only:
    - master

By this I'm getting:

    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    Permission denied, please try again.
    Permission denied, please try again.
    Permission denied (publickey,password).
Sjon
  • 103
  • 4
Rodrigo Moreno
  • 243
  • 1
  • 2
  • 11
  • 3
    Ther's something I don't undersrand here: you are generating a new ssh key on the fly every build isn'it? Where is the point of using ssh leys whrn you.need pwd to deploy the pub key? – lrkwz Apr 22 '17 at 08:38
  • Like @lrkwz, I am also missing the point of sending a new key on every build, when you are going to be asked for a password anyway. Also, I'd love to see the authorized_keys file on the remote server... – Fábio Duque Silva May 22 '19 at 19:44

2 Answers2

3

ssh-copy-id is asking for a password. You can use sshpass -e and set the SSHPASS environment variable in Gitlab.

1

You are not passing the ssh key to rsync. You should do something like this which executes the ssh command to properly identify the ssh key:

rsync -avuz -e 'ssh -i ~/.ssh/deploy_rsa' $CI_PROJECT_DIR/dist/ $SERVER_USER@8.8.8.8:/var/wwww/example.com