1. 首頁
  2. 問答
  3. GitLab CI亞軍 - 無法訪問其他存儲庫

GitLab CI亞軍 - 無法訪問其他存儲庫

2016-04-12 71 views
0

在最近的一次小的8.x升級之後,我無法執行也讀取另一個存儲庫的GitLab CI測試。雖然以前的一切工作,現在我得到着名的主機密鑰驗證失敗。來自ssh的錯誤消息。這可能是什麼原因?GitLab CI亞軍 - 無法訪問其他存儲庫

/etc/gitlab-runner/config.toml

concurrent = 1 

[[runners]] 
    name = "[email protected]" 
    # ... 
    executor = "docker" 
    [runners.docker] 
    image = "edoburu/python-runner" 
    privileged = false 
    cap_drop = ["DAC_OVERRIDE"] 
    volumes = [ 
     "/cache", 
     "/home/deploy/.ssh:/root/.ssh:ro" 
    ] 
    # ...

正如你所看到的,.ssh文件夾被暴露,給容器中的所有已知主機(/home/deploy/.ssh/known_hosts)的列表。這也給容器一個已知的SSH密鑰,我已經在存儲庫中啓用了部署密鑰。

然而,如今構建失敗,它以前並沒有這樣做:

Obtaining python-extra from [email protected]:myproject/[email protected]#egg=python-extra (from -r src/requirements.txt (line 63)) 
    Cloning [email protected]:myproject/python-extra.git (to 889f8fa0fe485d246d106ccee47aa60b2dd2523e) to /builds/myproject/env/src/python-extra 
Host key verification failed. 
fatal: Could not read from remote repository. 

Please make sure you have the correct access rights 
and the repository exists. 
Command "git clone -q [email protected]:myproject/python-extra.git /builds/project/env/src/python-extra" failed with error code 128 in None

.gitlab-ci.yml文件包含:

test: 
    image: edoburu/python-runner:base 
    stage: test 
    script: 
    - virtualenv --no-site-packages ../env 
    - source ../env/bin/activate 
    - pip install --exists-action=w -r src/requirements.txt 
    - pip install coverage 
    - coverage run --source=src --omit='*/migrations/*' ./src/runtests.py -v2 
    - coverage report -m

手動然而,當我進入容器中,一切工作正常:

[email protected] ~ $ docker run -it --volume="/home/deploy/.ssh:/root/.ssh:ro" edoburu/python-runner:base /bin/bash 
[email protected]:/# ssh [email protected] 
PTY allocation request failed on channel 0 
Welcome to GitLab, Anonymous! 
Connection to git.example.org closed. 
[email protected]:/# git clone [email protected]:myproject/python-extra.git 
Cloning into 'python-extra'... 
remote: Counting objects: 387, done. 
remote: Compressing objects: 100% (176/176), done. 
remote: Total 387 (delta 215), reused 374 (delta 208) 
Receiving objects: 100% (387/387), 5.97 MiB | 0 bytes/s, done. 
Resolving deltas: 100% (215/215), done. 
Checking connectivity... done. 
[email protected]:/# exit 
[email protected] ~ $

GitLab有什麼不同嗎?也許分配IP地址或其他導致我的構建失敗的東西?

來源

2016-04-12 vdboor

回答

0

解決了,事實證明--cap-drop=DAC_OVERRIDE阻止訪問卷。改變它的所有者爲根解決它。

通過添加一些調試代碼到.gitlab-ci.yml文件實測值:

script: 
    - ping -c 1 git.edoburu.nl 
    - ssh-keyscan git.edoburu.nl 
    - ls -la ~/.ssh/ 
    - cat ~/.ssh/known_hosts

來源

2016-04-12 11:28:37 vdboor

相關問題

 相關問題