1

I created a new ssh key in my local machine, added the public key to my account settings ssh keys, and the private key to the ci/cd settings of the project.

My .gitlab-ci.yml looks like the following:

build app:
  stage: build
  only:
    - feature/ci-cd-pipeline-v1
  before_script:
    - 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )'
    - eval $(ssh-agent -s)
    - echo "$SSH_PRIVATE_KEY" | ssh-add -
    - mkdir -p ~/.ssh
    - chmod 700 ~/.ssh
    - ssh-keyscan $GIT_URL >> ~/.ssh/known_host
    - git config user.email "ci@example.com"
    - git config user.name "CI"
    - git remote add acquia $GIT_URL
  script:
    - echo "Script will runb"
    - git checkout -b feature/ci-cd-pipeline-v1
    - git push acquia feature/ci-cd-pipeline-v1

The goal of this is to push the updated code to my Acquia repository(which also has the ssh public key), but I get the following error when the pipeline runs:

$ command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )
$ eval $(ssh-agent -s)
Agent pid 12
$ echo "$SSH_PRIVATE_KEY" | ssh-add -
Error loading key "(stdin)": invalid format
Cleaning up project directory and file based variables
00:01
ERROR: Job failed: exit code 1
Sidney Sousa
  • 3,378
  • 11
  • 48
  • 99
  • The error "*Host key verification failed.*" is about **host key**, not user key. Run `ssh-keyscan svn-25559.prod.hosting.acquia.com >> ~/.ssh/known_hosts` See https://stackoverflow.com/search?q=%5Bssh%5D+Host+key+verification+failed – phd Jan 12 '23 at 22:48
  • @phd I edited my question and the known hosts command is also there, but there. still seems to be an issue with the ssh key. – Sidney Sousa Jan 13 '23 at 07:23
  • Invalid format for the private key. Have you passed `$SSH_PRIVATE_KEY` to the pipeline at all? Is it the private key? Verify the data. – phd Jan 13 '23 at 10:22
  • Yes @phd. The ssh key was copied to the repo using tr -d '\n' < ~/.ssh/pipeline_rsa | pbcopy and I could even echo it out through the pipeline – Sidney Sousa Jan 13 '23 at 10:24
  • After the End certificate I even added a blank space now based on forums suggestions. – Sidney Sousa Jan 13 '23 at 10:24
  • Does `cat ~/.ssh/pipeline_rsa | ssh-add -` work locally? – phd Jan 13 '23 at 10:29
  • Yes @phd. It results in Identity added: (stdin) (pipeline) – Sidney Sousa Jan 13 '23 at 10:30

1 Answers1

1

I resolved this issue posted by regenerating an RSA key, then secondly, instead of:

tr -d '\n' < ~/.ssh/pipeline_rsa

I use

pbcopy < ~/.ssh/pipelines/id_rsa

In summary, the format of the ssh key was incorrect.

It throws a different error now, but I guess this would form part of a different question.

Sidney Sousa
  • 3,378
  • 11
  • 48
  • 99