1

I'm trying to use the SSH deploy task in Azure devops, but I'm struggling to get it to work.

Steps:

  1. I generated a ssh-key
  2. The key is added to the server
  3. (optional) tested key locally (works)
  4. Created a Service connection in Azure Devops (with the private key data and the passfrase in the password field)
  5. Allow the correct pipeline in Service connection security
  6. Added the SSH task to the release pipeline.
  7. Added an inline script.

Connection succeeds

It seems to connect but doesn't execute the commands. I've checked the /var/log/auth.log file on the server and that does show a successfull connection. The authentication log on the remote server does show a successfull authentication from devops, the connects lasts exactly the value set for the timeout.

Wrong order, logging shows commands then connected

In the logging it shows my second (docker-compose pull) and third command (docker-compose up -d) but not the first command. And the commands are shown before the trying to connect line. The first command isn't shown at all.

Did I make a mistake or is their something else going on?

Here is the logging of the task

2020-02-12T15:05:23.7258315Z ##[section]Starting: Run SSH
2020-02-12T15:05:23.8777631Z ==============================================================================
2020-02-12T15:05:23.8778469Z Task         : SSH
2020-02-12T15:05:23.8778560Z Description  : Run shell commands or a script on a remote machine using SSH
2020-02-12T15:05:23.8778657Z Version      : 0.151.1
2020-02-12T15:05:23.8778735Z Author       : Microsoft Corporation
2020-02-12T15:05:23.8778839Z Help         : https://learn.microsoft.com/azure/devops/pipelines/tasks/deploy/ssh
2020-02-12T15:05:23.8778953Z ==============================================================================
2020-02-12T15:05:24.5860676Z docker-compose pull
2020-02-12T15:05:24.5860824Z docker-compose up -d
2020-02-12T15:05:24.5861194Z Trying to establish an SSH connection to ***@my-server.domain.com:22
2020-02-12T15:05:25.4787782Z (node:4364) Warning: Use Cipheriv for counter mode of aes-256-ctr
2020-02-12T15:05:25.4789160Z (node:4364) Warning: Use Cipheriv for counter mode of aes-256-ctr
2020-02-12T15:05:25.4791265Z (node:4364) Warning: Use Cipheriv for counter mode of aes-256-ctr
2020-02-12T15:05:25.4791477Z (node:4364) Warning: Use Cipheriv for counter mode of aes-256-ctr
2020-02-12T15:05:25.4792286Z (node:4364) Warning: Use Cipheriv for counter mode of aes-256-ctr
2020-02-12T15:05:25.4792439Z (node:4364) Warning: Use Cipheriv for counter mode of aes-256-ctr
2020-02-12T15:05:25.4792552Z (node:4364) Warning: Use Cipheriv for counter mode of aes-256-ctr
2020-02-12T15:05:25.4792648Z (node:4364) Warning: Use Cipheriv for counter mode of aes-256-ctr
2020-02-12T15:05:25.4792757Z (node:4364) Warning: Use Cipheriv for counter mode of aes-256-ctr
2020-02-12T15:05:25.4792851Z (node:4364) Warning: Use Cipheriv for counter mode of aes-256-ctr
2020-02-12T15:05:25.4792960Z (node:4364) Warning: Use Cipheriv for counter mode of aes-256-ctr
2020-02-12T15:05:25.4793055Z (node:4364) Warning: Use Cipheriv for counter mode of aes-256-ctr
2020-02-12T15:05:25.7447781Z Successfully connected.
2020-02-12T15:05:25.7564295Z ##[error]Unhandled: Cannot parse privateKey: Unsupported key format
2020-02-12T15:09:23.7874932Z ##[error]The task has timed out.
2020-02-12T15:09:23.7877908Z ##[section]Finishing: Run SSH

Task YAML

- task: SSH@0
  displayName: 'Run remote docker-compose commands'
  inputs:
    sshEndpoint: 'Endpoint name redacted'
    runOptions: inline
    inline: |
     cd ~/correct-folder/
     docker-compose pull
     docker-compose up -d
  timeoutInMinutes: 4

I've tried both Windows and Ubuntu hosted agents.

Unrelated issues that show same error:

Same issue, with explaination

https://stackoverflow.com/a/55093077/639153

It seems like the Task library is calling the wrong node function, as "solved" in march '19.

Stephan
  • 2,356
  • 16
  • 38

2 Answers2

0

I know your step 7 says you added an Inline script, but any chance that you are using the run shell command option and not the Inline script option? A hunch from your description about the order of operations being off.

NOTE: Each command runs in a separate process. If you want to run a series of commands that are interdependent (for example, changing the current folder before executing a command) use the Inline Script option instead.

From the docs on the task

Eric Smith
  • 2,340
  • 12
  • 16
  • That could be the issue, so I just double checked and added the yaml of the task to the original question. – Stephan Feb 13 '20 at 09:45
  • @Stephan Based on your edit you are using the Inline script option so that should be good. Based on this issue on [github](https://github.com/microsoft/azure-pipelines-tasks/issues/11439) what if you turn off the new service connection preview feature and try to regenerate the Service Connection? – Eric Smith Feb 14 '20 at 01:39
  • your suggestion doesn't work. The result is the same. It already did connect to the server, but it connects after the commands are already in the log. So I think it might be a bug in the task anyway. – Stephan Feb 15 '20 at 21:35
-1

What about using private agent? Just try to run a simple command such like ipconfig and check the result.

Besides, according to the error message Unhandled: Cannot parse privateKey: Unsupported key format this seems a privateKey format issue.

So, please try to convert the existing key using ssh-keygen utility to the old PEM format and try it again to check if that works.

ssh-keygen -p -m PEM -f ~/.ssh/id_rsa

Andy Li-MSFT
  • 28,712
  • 2
  • 33
  • 55
  • As stated in the original question, it does connect successfully, but it doesn't execute the commands on the server. I already tried to change the commands to an echo, but that didn't work either. – Stephan Feb 18 '20 at 09:39
  • The other key format results in the same error and also listing the commands in the logging before the error that it cannot connect. So `Use Cipheriv for counter mode of aes-256-ctr` ten times then my 2nd and 3th command then connecting..... – Stephan Feb 18 '20 at 10:38