I’m trying to enable SSH access and therefore, I need to run a custom bash script which is in root of my git repo. I took help from Drone’s custom logic docs, and use this script:
- name: clone
- echo "Cloning."
- git clone git:...
However, I’m getting an error “drone-ssh-key.sh” not found.
But if I run a simpler configuration like…
- apt-get update
- apt-get install python -y
- which python
- python main.py
It reads my files smoothly. However, it throws a duplicate step error if I try to put a clone step over here.
Need help – I need to run the first file having it read my git repo.
from what I can tell you have disabled the default clone step, but are trying to invoke
scripts/drone-ssh-key.sh before the repository is cloned. As a result,
scripts/drone-ssh-key.sh does not exist yet. So this seems expected.
@bradrydzewski I need to invoke the scripts/drone-ssh-key.sh before cloning the repo, because it adds my pvt keys so that I can clone through git+ssh (git:url/repo)
I think there is a misunderstanding. How can drone invoke a file before it has cloned any files?
Can you tell me a way around this ? How do I achieve this ?
I would need more details. What does
scripts/drone-ssh-key.sh do? Where does it get your ssh key from? What is wrong with the default clone step?
@bradrydzewski This is what drone-ssh-key.sh contains…
echo "Adding private ssh key"
echo -n "$DRONE_PRIVATE_SSH_KEY" > /root/.ssh/id_rsa
chmod 600 /root/.ssh/id_rsa
# add gogs server to our known hosts.
chmod 600 /root/.ssh/known_hosts
ssh-keyscan -H X.X.X.X > /etc/ssh/ssh_known_hosts 2> /dev/null
echo "Key added"
Also, I just tried cloning the repo first with git+http and then run drone-ssh-key.sh, and it still throws the same error.
PS - I’m running a GOGS a container on X.X.X.X
This is what drone-ssh-key.sh contains…
DRONE_PRIVATE_SSH_KEY come from? I do not see anywhere in your yaml that instructs Drone to load this environment variable into the step.
Also, I just tried cloning the repo first with git+http
Why are you not using the default clone step? Perhaps it would be more prudent to try to troubleshoot why the default clone does not work for you, instead of troubleshooting this complex and non-standard workaround?
@bradrydzewski DRONE_PRIVATE_SSH_KEY is a drone secret.
Also, default clone doesn’t work for me because I want to clone with git+ssh. Not git+http.
The sample yaml you posted does not show the secret being injected into the environment. https://docs.drone.io/user-guide/secrets/pre-repository/
I’ve referred to this doc link and injected the secret into env. My secrets are being loaded and Keys are also getting added. My yaml file looks something like this now…
- name: clone
- which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )
- eval $(ssh-agent -s)
- mkdir /root/.ssh && echo "$SSH_KEY" > /root/.ssh/id_rsa && chmod 0600 /root/.ssh/id_rsa
- ssh-keyscan -H 172.19.0.2 >> /root/.ssh/known_hosts
- cat /root/.ssh/known_hosts
- git clone [email protected]:wahal/test.git
But now I have the error
[email protected]: Permission denied (publickey,keyboard-interactive).
17 fatal: Could not read from remote repository.
19 Please make sure you have the correct access rights
20 and the repository exists.