Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Github ssh add known hosts #4

Open
Rukamakama opened this issue Apr 15, 2022 · 5 comments
Open

Github ssh add known hosts #4

Rukamakama opened this issue Apr 15, 2022 · 5 comments

Comments

@Rukamakama
Copy link

Hello,

Am trying to use this action to deploy my containers with docker-compose.
Here my ci file

  dev_deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Start Deployments
        uses: TapTap21/[email protected]
        with:
          remote_docker_host: ${{ secrets.DEV_HOST }}
          ssh_private_key: ${{ secrets.DEV_SSHKEY }}
          ssh_public_key: ${{ secrets.DEV_SSHKEY_PUB }}
          stack_file_name: docker-compose.yml
          docker_login_password: ${{ secrets.DIGITALOCEAN_USER }}
          docker_login_user: ${{ secrets.DIGITALOCEAN_ACCESS_PASSWORD }}
          docker_login_registry: registry.digitalocean.com
          args: up -d --build

This job is failing but the failure message is not clear to me. Here is the job logs

Registering SSH keys...
Agent pid 11
Identity added: /github/home/.ssh/id_rsa (/github/home/.ssh/id_rsa)
Add known hosts
# 1.1.1.1:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.2
# 1.1.1.1::22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.2
# 1.1.1.1::22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.2
# 1.1.1.1::22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.2
@TapTap21
Copy link
Owner

Hi @Rukamakama thanks for opening the issue.

Is there any additional info you can provide? What error does the action show when it fails?

@Rukamakama
Copy link
Author

Hi @Rukamakama thanks for opening the issue.

Is there any additional info you can provide? What error does the action show when it fails?

When it fails I just see above output from job logs

@s7anley
Copy link

s7anley commented May 24, 2022

Hi,

I had the same problem as @Rukamakama. The problem is ssh-keyscan can actually send output to stderr even during successful execution see https://serverfault.com/questions/636655/ssh-keyscan-stderr-comment-on-success.

Update:
After debugging the container I found out that the second call of the ssh-keyscan exited with code 1. It has nothing to do with logs in stderr mentioned above. Sometimes there is an error message in stderr for example: write (xxx.xxx.xxx.xxx): Connection refused sometimes nothing is shown. I'm testing it with Digitalocean same as @Rukamakama, so my guess is rate-limiting from DO prevents the second call to finish successfully.

@TapTap21
Copy link
Owner

TapTap21 commented Jun 1, 2022

@s7anley I tested locally and with EC2 and had no issues.

The rate-limiting could be an answer, but it does seem like a very low limit. A few other explanations:

  1. Providing the wrong ssh port would cause ssh-keyscan to fail with exit-code 1
  2. Perhaps there is a network timeout? ssh-keyscan has a default timeout of 5s. Please try running the ssh-keyscan commands locally. The timeout could be altered using the -T if flag. If this is the issue, I'll release an update to change the timeout.

I could release a "debug" version with all verbosity set to max? This will have to be under a different tag to prevent accidental verbosity in production environments.

@Awerito
Copy link

Awerito commented Jul 15, 2022

After doing ssh-keygen -t rsa -b 4096 -C "user@host" -q -N "" and adding the key to cat id_rsa.pub >> authorized_keys on the server I got pass that error, but now I got:

Login Succeeded
Command: docker-compose -f docker-compose.yml pull
Traceback (most recent call last):
  File "/usr/bin/docker-compose", line 11, in <module>
    load_entry_point('docker-compose==1.25.4', 'console_scripts', 'docker-compose')()
  File "/usr/lib/python3.8/site-packages/compose/cli/main.py", line 72, in main
    command()
  File "/usr/lib/python3.8/site-packages/compose/cli/main.py", line 125, in perform_command
    project = project_from_options('.', options)
  File "/usr/lib/python3.8/site-packages/compose/cli/command.py", line 54, in project_from_options
    return get_project(
  File "/usr/lib/python3.8/site-packages/compose/cli/command.py", line 1[47](https://github.com/Awerito/fastapi-mongodb/runs/7361520218?check_suite_focus=true#step:4:48), in get_project
    client = get_client(
  File "/usr/lib/python3.8/site-packages/compose/cli/command.py", line 118, in get_client
    client = docker_client(
  File "/usr/lib/python3.8/site-packages/compose/cli/docker_client.py", line 127, in docker_client
    client = APIClient(**kwargs)
  File "/usr/lib/python3.8/site-packages/docker/api/client.py", line 165, in __init__
    self._custom_adapter = SSHHTTPAdapter(
  File "/usr/lib/python3.8/site-packages/docker/transport/sshconn.py", line 111, in __init__
    self._connect()
  File "/usr/lib/python3.8/site-packages/docker/transport/sshconn.py", line 119, in _connect
    self.ssh_client.connect(**self.ssh_params)
  File "/usr/lib/python3.8/site-packages/paramiko/client.py", line 435, in connect
    self._auth(
  File "/usr/lib/python3.8/site-packages/paramiko/client.py", line 764, in _auth
    raise saved_exception
  File "/usr/lib/python3.8/site-packages/paramiko/client.py", line 740, in _auth
    self._transport.auth_publickey(username, key)
  File "/usr/lib/python3.8/site-packages/paramiko/transport.py", line 1580, in auth_publickey
    return self.auth_handler.wait_for_response(my_event)
  File "/usr/lib/python3.8/site-packages/paramiko/auth_handler.py", line 2[50](https://github.com/Awerito/fastapi-mongodb/runs/7361520218?check_suite_focus=true#step:4:51), in wait_for_response
    raise e
paramiko.ssh_exception.AuthenticationException: Authentication failed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants