appleboy / drone-ssh

Drone plugin for executing remote ssh commands
MIT License

panic: runtime error: invalid memory address or nil pointer dereference #41

Open nemonik opened 7 years ago

nemonik commented 7 years ago

For

  deploy:
    image: appleboy/drone-ssh
    host: example.dev
    user: nemonik
    port: 22
    key: ${SSH_KEY}
    script:
      - echo "Hey"
      - ls
    when:
      branch:
        include: [ master, release/* ]

After registering my SSH_KEY as a secret via drone cli

drone secret add --image=appleboy/drone-ssh Ephemeral/nodejs-helloworld SSH_KEY "$(cat ~/.ssh/privatekey)"

I get out of drone:

2017/02/09 05:15:32 example.dev commands:  echo "Hey"
panic: runtime error: invalid memory address or nil pointer dereference
 [signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x54e043]
goroutine 18 [running]:
panic(0x62b220, 0xc42000a060)
    /usr/local/go/src/runtime/panic.go:500 +0x1a1
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.publicKeyCallback.auth(0xc42007f560, 0xc420010d40, 0x20, 0x20, 0xc42006cb10, 0x7, 0x772a00, 0xc4200e8000, 0x770600, 0xc4200705d0, ...)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client_auth.go:191 +0xb3
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.(*connection).clientAuthenticate(0xc4200dc100, 0xc4200e0000, 0x0, 0xa)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client_auth.go:34 
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.(*connection).clientHandshake(0xc4200dc100, 0xc420070db0, 0x22, 0xc4200e0000, 0x0, 0x0)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client.go:107 +0x2ed
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.NewClientConn(0x774b20, 0xc42002a008, 0xc420070db0, 0x22, 0xc420069a90, 0x774b20, 0xc42002a008, 0x0, 0x0, 0xc42007f560, ...)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client.go:75 +0x105
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.Dial(0x666e8c, 0x3, 0xc420070db0, 0x22, 0xc420069a90, 0x22, 0x0, 0x1)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client.go:171 +0xb3
github.com/appleboy/drone-ssh/easyssh.(*MakeConfig).connect(0xc420069e90, 0x45c000, 0x10000c42007c010, 0x0)
    /srv/app/src/github.com/appleboy/drone-ssh/easyssh/easyssh.go:77 +0x16b
github.com/appleboy/drone-ssh/easyssh.(*MakeConfig).Stream(0xc420069e90, 0xc42006cbf0, 0xd, 0xd, 0xd, 0xc420069ca8, 0x4431ce)
    /srv/app/src/github.com/appleboy/drone-ssh/easyssh/easyssh.go:95 +0x40
github.com/appleboy/drone-ssh/easyssh.(*MakeConfig).Run(0xc420069e90, 0xc42006cbf0, 0xd, 0x666c32, 0x1, 0xc42006cbf0, 0xd)
    /srv/app/src/github.com/appleboy/drone-ssh/easyssh/easyssh.go:130 +0x5d
main.Plugin.Exec.func1(0xc42006cac6, 0xa, 0x0, 0x0, 0xc42006cb10, 0x7, 0x0, 0x0, 0xc42006c940, 0x1, ...)
    /srv/app/src/github.com/appleboy/drone-ssh/plugin.go:71 +0x330
created by main.Plugin.Exec
    /srv/app/src/github.com/appleboy/drone-ssh/plugin.go:79 +0x16e

appleboy commented 7 years ago

@nemonik What is your drone version (latest) ?

nemonik commented 7 years ago

Drone v0.5

Specifically

➜  ~ docker images | grep drone
drone/drone                                                          0.5                 a8f47231e47e        6 weeks ago         26.3 MB

drone cli version

➜  ~ drone -v
drone version 0.5.0+dev

Docker info:

➜  ~ docker info
Containers: 36
 Running: 13
 Paused: 0
 Stopped: 23
Images: 85
Server Version: 1.13.0
Storage Driver: overlay
 Backing Filesystem: xfs
 Supports d_type: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
Swarm: active
 NodeID: 8ld3vo1wypixghhzxx7x53fd2
 Is Manager: true
 ClusterID: c74e0jm5efzrpt45tagk9bjmz
 Managers: 1
 Nodes: 4
 Orchestration:
  Task History Retention Limit: 5
 Raft:
  Snapshot Interval: 10000
  Number of Old Snapshots to Retain: 0
  Heartbeat Tick: 1
  Election Tick: 3
 Dispatcher:
  Heartbeat Period: 5 seconds
 CA Configuration:
  Expiry Duration: 3 months
 Node Address: 10.205.45.208
 Manager Addresses:
  10.205.45.208:2377
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 03e5862ec0d8d3b3f750e19fca3ee367e13c090e
runc version: 2f7393a47307a16f8cee44a37b262e8b81021e3e
init version: 949e6fa
Security Options:
 seccomp
  Profile: default
Kernel Version: 3.10.0-514.6.1.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 7.64 GiB
Name: example
ID: KJVX:RIKV:EDJY:PGKQ:I7BR:GYF3:HQCD:X6DF:ULIL:IOJK:XPNL:LD24
Docker Root Dir: /docker/var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
 example.dev:5000
 127.0.0.0/8
Live Restore Enabled: false

appleboy commented 7 years ago

Could you help me try the latest drone-ssh image?

  deploy:
+   pull: true
    image: appleboy/drone-ssh
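
Review bot: `image: appleboy/drone-ssh` has no tag, so with `pull: true` above it every build fetches whatever the default tag currently points to. That is useful for checking the panic against the newest build, but once the issue is settled this step, which is given the SSH key through `key: ${SSH_KEY}` in the original config, should name a fixed tag or digest.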

nemonik commented 7 years ago

I did that and also removed the image so it would pull the newest appleboy/drone-ssh.

2017/02/10 12:47:02 example.dev: commands:  whoami
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x54e043]
goroutine 5 [running]:
panic(0x62b220, 0xc42000a060)
    /usr/local/go/src/runtime/panic.go:500 +0x1a1
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.publicKeyCallback.auth(0xc4200118c0, 0xc4200bc720, 0x20, 0x20, 0xc42000abd0, 0x7, 0x772a00, 0xc4200b6000, 0x770600, 0xc420016720, ...)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client_auth.go:191 +0xb3
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.(*connection).clientAuthenticate(0xc420092600, 0xc4200900c0, 0x0, 0xa)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client_auth.go:34 +0x31c
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.(*connection).clientHandshake(0xc420092600, 0xc420016f00, 0x22, 0xc4200900c0, 0x0, 0x0)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client.go:107 +0x2ed
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.NewClientConn(0x774b20, 0xc42002a060, 0xc420016f00, 0x22, 0xc420063a90, 0x774b20, 0xc42002a060, 0x0, 0x0, 0xc4200118c0, ...)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client.go:75 +0x105
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.Dial(0x666e8c, 0x3, 0xc420016f00, 0x22, 0xc420063a90, 0x22, 0x0, 0x1)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client.go:171 +0xb3
github.com/appleboy/drone-ssh/easyssh.(*MakeConfig).connect(0xc420063e90, 0x45c075, 0xc42002a018, 0x0)
    /srv/app/src/github.com/appleboy/drone-ssh/easyssh/easyssh.go:77 +0x16b
github.com/appleboy/drone-ssh/easyssh.(*MakeConfig).Stream(0xc420063e90, 0xc4200100ce, 0x6, 0x33, 0x47, 0x50, 0x793200)
    /srv/app/src/github.com/appleboy/drone-ssh/easyssh/easyssh.go:95 +0x40
github.com/appleboy/drone-ssh/easyssh.(*MakeConfig).Run(0xc420063e90, 0xc4200100ce, 0x6, 0x666c32, 0x1, 0xc4200100ce, 0x6)
    /srv/app/src/github.com/appleboy/drone-ssh/easyssh/easyssh.go:130 +0x5d
main.Plugin.Exec.func1(0xc42000aba0, 0xa, 0x0, 0x0, 0xc42000abd0, 0x7, 0x0, 0x0, 0xc42000aa10, 0x1, ...)
    /srv/app/src/github.com/appleboy/drone-ssh/plugin.go:71 +0x330
created by main.Plugin.Exec
    /srv/app/src/github.com/appleboy/drone-ssh/plugin.go:79 +0x16e

And yes, it did pull a new image. At first I thought it was the same as my previous comment, but in the time between my first comment above and now I had already pulled the new appleboy/drone-ssh and have been trying to get it to work with that. So yes, I am seeing the same problem.

➜  ~ docker images | grep apple
appleboy/drone-ssh                                                   latest              a419b6580448        6 days ago          11.6 MB

nemonik commented 7 years ago

Thoughts?

nemonik commented 7 years ago

If this is a bug I'd be curious to hear what was the problem.

appleboy commented 7 years ago

@nemonik I will test the latest version of drone-ssh and drone server today.

appleboy commented 7 years ago

Maybe a bug or not. I can't confirm without testing.

nemonik commented 7 years ago

If I clone

go build after go get dependencies it builds.

go test fails w/

2017/02/17 02:11:33 localhost: commands:  whoami
2017/02/17 02:11:36 localhost: outputs:
2017/02/17 02:11:36 drone-ssh error:  ssh: handshake failed: ssh: unable to authenticate, attempted methods [none password], no supported methods remain
2017/02/17 02:11:36 localhost: commands:  whoami
2017/02/17 02:11:36 localhost: outputs:
2017/02/17 02:11:36 drone-ssh error:  ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
--- FAIL: TestSSHScriptFromRawKey (0.04s)
 Error Trace: plugin_test.go:86
    Error:          Expected nil, but got: &errors.errorString{s:"ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain"}
2017/02/17 02:11:36 localhost: commands:  whoami
ls -al
2017/02/17 02:11:36 127.0.0.1: commands:  whoami
ls -al
2017/02/17 02:11:36 127.0.0.1: outputs:
2017/02/17 02:11:36 drone-ssh error:  ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
--- FAIL: TestSSHScriptFromKeyFile (0.04s)
 Error Trace: plugin_test.go:101
    Error:          Expected nil, but got: &errors.errorString{s:"ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain"}
FAIL
exit status 1
FAIL    _/home/nemonik/Development/workspace/drone-ssh  2.569s

But if I docker build as the docs say... It builds the container like so

➜  drone-ssh git:(master) CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -tags netgo
➜  drone-ssh git:(master) docker build -t my/drone-ssh .
Sending build context to Docker daemon 7.535 MB
Step 1/4 : FROM alpine:3.4
 ---> 0766572b4bac
Step 2/4 : RUN apk update &&   apk add     ca-certificates     openssh-client &&   rm -rf /var/cache/apk/*
 ---> Using cache
 ---> 7ef92cd6ff53
Step 3/4 : ADD drone-ssh /bin/
 ---> Using cache
 ---> 3df02583c867
Step 4/4 : ENTRYPOINT /bin/drone-ssh
 ---> Using cache
 ---> 7afd2f74efb0
Successfully built 7afd2f74efb0

And then try to run:

➜  drone-ssh git:(master) docker run --rm  -e PLUGIN_HOST=example.dev -e nemonik -e PLUGIN_KEY="$(cat ${HOME}/.ssh/ephemeral)" -e PLUGIN_SCRIPT=whoami -v $(pwd):$(pwd) -w $(pwd) my/drone-ssh
2017/02/17 07:14:50 example.dev: commands:  whoami
2017/02/17 07:14:50 example.dev: outputs:
2017/02/17 07:14:50 drone-ssh error:  ssh: handshake failed: ssh: unable to authenticate, attempted methods [publickey none], no supported methods remain
ssh: handshake failed: ssh: unable to authenticate, attempted methods [publickey none], no supported methods remain

This is with the private key at the path, and this ~/.ssh/config

➜  drone-ssh git:(master) cat ~/.ssh/config
Host example.dev
    IdentityFile    ~/.ssh/ephemeral
    IdentitiesOnly yes

If I ssh nemonik@example.dev I authenticate via my key w/o an issue like so:

➜  drone-ssh git:(master) ssh nemonik@example.dev
Last login: Fri Feb 17 02:08:48 2017 from localhost

olymk2 commented 7 years ago

Just hit this myself; after trying to set up ssh deploy I hit the errors below.

2017/02/19 18:37:13 example.com: commands:  echo 'to be added'
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x5d42e3]
goroutine 5 [running]:
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.publicKeyCallback.auth(0xc420084be0, 0xc420085860, 0x20, 0x20, 0xc42000a2cc, 0xf, 0x784c20, 0xc4200706e0, 0x782620, 0xc420016870, ...)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client_auth.go:193 +0xb3
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.(*connection).clientAuthenticate(0xc420052880, 0xc42007a0c0, 0x0, 0xa)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client_auth.go:36 +0x369
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.(*connection).clientHandshake(0xc420052880, 0xc420084c00, 0x1d, 0xc42007a0c0, 0x0, 0x0)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client.go:105 +0x2e6
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.NewClientConn(0x786e20, 0xc42000c078, 0xc420084c00, 0x1d, 0xc420035ad8, 0x786e20, 0xc42000c078, 0x0, 0x0, 0xc420084be0, ...)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client.go:75 +0xe2
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.Dial(0x676bf0, 0x3, 0xc420084c00, 0x1d, 0xc420035ad8, 0x1d, 0x0, 0x1)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client.go:169 +0xb3
github.com/appleboy/drone-ssh/easyssh.(*MakeConfig).connect(0xc420035ed0, 0x0, 0x0, 0x0)
    /srv/app/src/github.com/appleboy/drone-ssh/easyssh/easyssh.go:77 +0x16e
github.com/appleboy/drone-ssh/easyssh.(*MakeConfig).Stream(0xc420035ed0, 0xc42000a2ee, 0x12, 0x3a, 0x4e, 0x50, 0x7a5860)
    /srv/app/src/github.com/appleboy/drone-ssh/easyssh/easyssh.go:95 +0x40
github.com/appleboy/drone-ssh/easyssh.(*MakeConfig).Run(0xc420035ed0, 0xc42000a2ee, 0x12, 0x6769b0, 0x1, 0xc42000a2ee, 0x12)
    /srv/app/src/github.com/appleboy/drone-ssh/easyssh/easyssh.go:130 +0x5d
main.Plugin.Exec.func1(0xc42000a3ab, 0xa, 0x0, 0x0, 0xc42000a2cc, 0xf, 0x0, 0x0, 0xc42000eb40, 0x1, ...)
    /srv/app/src/github.com/appleboy/drone-ssh/plugin.go:71 +0x31e
created by main.Plugin.Exec
    /srv/app/src/github.com/appleboy/drone-ssh/plugin.go:79 +0x176

appleboy commented 7 years ago

Can't reproduce this problem.

http://drone.wu-boy.com/appleboy/drone-ssh/72

appleboy commented 7 years ago

@nemonik

$ docker run --rm \
→   -e PLUGIN_HOST=192.168.1.100 \
→   -e PLUGIN_USER=drone-scp \
→   -e PLUGIN_KEY="$(cat ${HOME}/.ssh/id_rsa)" \
→   -e PLUGIN_SCRIPT="whoami" \
→   -v $(pwd):$(pwd) \
→   -w $(pwd) \
→   appleboy/drone-ssh
2017/02/25 06:32:00 + ssh drone-scp@192.168.1.100:22
drone-scp

Copy content of id_rsa.pub into .ssh/authorized_keys of drone-scp user.

olymk2 commented 7 years ago

@appleboy not sure if this is the same as @nemonik but this is how I am getting the error.

Well, this is what I am doing: I have set the SSH_KEY secret on drone to be SSH_KEY=@/home/user/.ssh/id_rsa

Then in my .drone.yml file I pass in the KEY like below and then get the error above.

My understanding is that drone secrets should then provide the key to drone-ssh

pipeline:
  publish-test:
    pull: True
    image: appleboy/drone-ssh
    host: example.com
    user: ${SSH_USER}
    key: "${SSH_KEY}"
    port: 22
    script:
      - echo ${SSH_USER}
      - echo "${SSH_KEY}"
      - echo 'to be added'

Then I get the error above. I can see in the echo that it actually shows @/file/path and not the key; not sure if that's correct or not.

appleboy commented 7 years ago

@olymk2

Change

key: "${SSH_KEY}"

to

key: ${SSH_KEY}

Remove the double quotes and try removing - echo 'to be added', then test again.

olymk2 commented 7 years ago

@appleboy tried that, so I now have the below yaml. The double quotes were based on a suggestion from @bradrydzewski; however, if I remove the quotes I get invalid character in the yaml, presumably the @ symbol.

pipeline:
  publish-test:
    pull: True
    image: appleboy/drone-ssh
    host: example.com
    user: ${SSH_USER}
    key: ${SSH_KEY}
    port: 22
    script:
      - echo ${SSH_USER}
      - echo ${SSH_KEY}

Running Matrix job #0
yaml: line 10: found character that cannot start any token

One thing I would like to clarify is, when setting the secret to your ssh key, should it be a remote or local file? Currently using local because it complains about file not found if I use remote, so I am assuming that the local key is copied up from the local file.

appleboy commented 7 years ago

@olymk2 What is your version of drone? The following config is working for me.

  # start app for production, listen master branch
  ssh_production:
    image: appleboy/drone-ssh
    pull: true
    host:
      - 10.135.xxx.xxx
      - 10.135.xxx.xxx
    port: 22
    user: deploy
    key: ${SSH_KEY}
    script:
      - xxxxx
      - xxxxx
    when:
      event: tag
      status: [ success ]

Try the following changes:

    script:
-     - echo ${SSH_USER}
-     - echo ${SSH_KEY}
+     - whoami
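
Review bot: the removed `echo ${SSH_KEY}` line would write the secret's value into the build log whenever substitution works, so it should stay out of the script after debugging too, not only for this test. If a check that the secret arrived is still wanted, print something that does not reveal it, such as its length.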

olymk2 commented 7 years ago

@appleboy that errors as well. I did take out the key: ${SSH_KEY} because, as mentioned, the yml errors without the quotes.

Running Matrix job #0
[publish-test:L0:0s] 2017/02/25 12:38:13 example.com: commands:  whoami
[publish-test:L1:0s] panic: runtime error: invalid memory address or nil pointer dereference
[publish-test:L2:0s] [signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x5d42e3]

It feels a bit like the issue might be with secrets. Did you specify your SSH_KEY above with drone's secrets command and using @ to point at the file?

I am running the latest drone compiled last night.

drone version 0.5.0+dev

appleboy commented 7 years ago

@olymk2 My secret command is as follows:

drone secret add --skip-verify --event pull_request appleboy/drone-ssh SSH_KEY @/Users/xxxxxx/.ssh/id_rsa

olymk2 commented 7 years ago

Thanks for persevering @appleboy, it seems --skip-verify is the key. Perhaps an error message would help going forward; not sure if drone or drone-ssh should do that.

Looking at @nemonik's command at the top, --skip-verify has not been provided, so this may be the difference that's triggering this error.

appleboy commented 7 years ago

@olymk2 Please make sure that you re-sign the drone sig file if you don't use the --skip-verify flag.

drone secret add --event pull_request appleboy/drone-ssh SSH_KEY @/Users/xxxxxx/.ssh/id_rsa
drone sign your_project

mochipon commented 7 years ago

Apparently this bug seems to be related to the type of SSH key. I can reproduce this bug using an ECDSA-type SSH key.

@appleboy You seem to be using your own id_rsa, but could you please try using id_ecdsa?

appleboy commented 7 years ago

I think we support ECDSA-type SSH keys. Please see the following specs.

https://sourcegraph.com/github.com/appleboy/drone-ssh@fdc7a43f735b044d4810fa41e365f9cd2a2fd603/-/blob/vendor/golang.org/x/crypto/ssh/keys.go#L767:1-770:1

I will try it asap.

PeterCat12 commented 7 years ago

I am experiencing this issue also. For reference, I am using an SSH key generated by AWS for an ec2 instance (not sure what type of key they use).

bradrydzewski commented 7 years ago

my recommendation would be that someone add a unit test for the type of key they think is failing to parse and/or panic https://github.com/appleboy/drone-ssh/blob/master/plugin_test.go

this should be easily provable

nemonik commented 7 years ago

Just getting back to this...

nemonik commented 7 years ago

So

$ docker run --rm \
→   -e PLUGIN_HOST=192.168.1.100 \
→   -e PLUGIN_USER=drone-scp \
→   -e PLUGIN_KEY="$(cat ${HOME}/.ssh/id_rsa)" \
→   -e PLUGIN_SCRIPT="whoami" \
→   -v $(pwd):$(pwd) \
→   -w $(pwd) \
→  appleboy/drone-ssh

Modified for my environment works returning:

2017/02/27 17:45:34 cocreate-centos7: commands:  whoami
2017/02/27 17:45:34 cocreate-centos7: outputs: nemonik

appleboy commented 7 years ago

@nemonik So maybe we can close this issue?

nemonik commented 7 years ago

Not yet... working from top to bottom...

 drone secret add --skip-verify --event pull_request Ephemeral/nodejs-helloworld  SSH_KEY @/home/nemonik/.ssh/ephemeral

blows up like before using:

  deploy:
    pull: true
    image: appleboy/drone-ssh
    host: example.dev
    user: nemonik
    key: ${ssh_key}
    port: 22
    script:
      - whoami
    when:
      branch:
        include: [ master, release/* ]

still working my way down...

But again

docker run --rm -e PLUGIN_HOST=example.dev -e PLUGIN_USER=nemonik -e PLUGIN_KEY="$(cat /home/nemonik/.ssh/ephemeral)" -e PLUGIN_SCRIPT="whoami" -v $(pwd):$(pwd) -w $(pwd) appleboy/drone-ssh

works perfectly.

nemonik commented 7 years ago

For drone/drone:0.5 and drone CLI version 0.5.0+dev, it is still a great big fail whale.

Okay. Every step:

➜  nodejs-helloworld git:(master) ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/nemonik/.ssh/id_rsa): /home/nemonik/.ssh/ephemeral
/home/nemonik/.ssh/ephemeral already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/nemonik/.ssh/ephemeral.
Your public key has been saved in /home/nemonik/.ssh/ephemeral.pub.
The key fingerprint is:
0a:df:04:70:65:1b:0c:50:f0:fd:3b:63:2e:9b:ed:b8 nemonik@example.dev
The key's randomart image is:
+--[ RSA 2048]----+
|    +++++        |
|     + o.o       |
|      o o        |
|       . .       |
|    .   S .      |
|     o +   .     |
|      o . =      |
|        .* o     |
|        E=+      |
+-----------------+
rm ~/.ssh/authorized_keys
cat ~/.ssh/ephemeral.pub > ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
rm ~/.ssh/known_hosts

Then ls -las ~/.ssh returns:

total 20
0 drwx------.  2 nemonik nemonik   77 Feb 27 14:21 .
4 drwx------. 13 nemonik nemonik 4096 Feb 27 14:22 ..
4 -rw-------.  1 nemonik nemonik  421 Feb 27 14:19 authorized_keys
4 -rw-------.  1 nemonik nemonik   97 Feb 17 02:07 config
4 -rw-------.  1 nemonik nemonik 1675 Feb 27 14:16 ephemeral
4 -rw-------.  1 nemonik nemonik  421 Feb 27 14:16 ephemeral.pub

Add the private key:

drone secret add --event pull_request Ephemeral/nodejs-helloworld SSH_KEY @/home/nemonik/.ssh/ephemeral

View via drone secret ls Ephemeral/nodejs-helloworld returns:

SSH_KEY
Events: push, tag, deployment, pull_request
SkipVerify: false
Conceal: false

Sign my project:

➜  ~ cd ~/Development/workspace/ephemeral/nodejs-helloworld
➜  nodejs-helloworld git:(master) drone sign  Ephemeral/nodejs-helloworld
➜  nodejs-helloworld git:(master) drone sign Ephemeral/nodejs-helloworld
➜  nodejs-helloworld git:(master) ✗ git add .
➜  nodejs-helloworld git:(master) ✗ git commit -m "drone signed"
[master 84f4345] drone signed
 1 file changed, 1 insertion(+)
 create mode 100644 .drone.yml.sig
➜  nodejs-helloworld git:(master) git push
Counting objects: 4, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 1.19 KiB | 0 bytes/s, done.
Total 3 (delta 1), reused 1 (delta 0)
To ssh://git@example.dev:10022/Ephemeral/nodejs-helloworld.git
   4f4629b..84f4345  master -> master

For this .drone.yml:

  deploy:
    image: appleboy/drone-ssh
    pull: true
    host:
      - example.dev
    port: 22
    user: nemonik
    key: ${SSH_KEY}
    script:
      - whoami

I get:

2017/02/27 19:32:21 example.dev: commands:  whoami
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x5d42e3]
goroutine 18 [running]:
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.publicKeyCallback.auth(0xc42007f540, 0xc42007fb20, 0x20, 0x20, 0xc42000a36c, 0x7, 0x784c20, 0xc42008c840, 0x782620, 0xc42006e630, ...)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client_auth.go:193 +0xb3
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.(*connection).clientAuthenticate(0xc42007a680, 0xc4200940c0, 0x0, 0xa)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client_auth.go:36 +0x369
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.(*connection).clientHandshake(0xc42007a680, 0xc42006eed0, 0x22, 0xc4200940c0, 0x0, 0x0)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client.go:105 +0x2e6
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.NewClientConn(0x786e20, 0xc42007c050, 0xc42006eed0, 0x22, 0xc420067ad8, 0x786e20, 0xc42007c050, 0x0, 0x0, 0xc42007f540, ...)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client.go:75 +0xe2
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.Dial(0x676bf0, 0x3, 0xc42006eed0, 0x22, 0xc420067ad8, 0x22, 0x0, 0x1)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client.go:169 +0xb3
github.com/appleboy/drone-ssh/easyssh.(*MakeConfig).connect(0xc420067ed0, 0x0, 0x0, 0x0)
    /srv/app/src/github.com/appleboy/drone-ssh/easyssh/easyssh.go:77 +0x16e
github.com/appleboy/drone-ssh/easyssh.(*MakeConfig).Stream(0xc420067ed0, 0xc42000a10e, 0x6, 0x33, 0x47, 0x50, 0x7a5860)
    /srv/app/src/github.com/appleboy/drone-ssh/easyssh/easyssh.go:95 +0x40
github.com/appleboy/drone-ssh/easyssh.(*MakeConfig).Run(0xc420067ed0, 0xc42000a10e, 0x6, 0x6769b0, 0x1, 0xc42000a10e, 0x6)
    /srv/app/src/github.com/appleboy/drone-ssh/easyssh/easyssh.go:130 +0x5d
main.Plugin.Exec.func1(0xc42000a26b, 0xa, 0x0, 0x0, 0xc42000a36c, 0x7, 0x0, 0x0, 0xc42006a8a0, 0x1, ...)
    /srv/app/src/github.com/appleboy/drone-ssh/plugin.go:71 +0x31e
created by main.Plugin.Exec
    /srv/app/src/github.com/appleboy/drone-ssh/plugin.go:79 +0x176

If I run appleboy/drone-ssh on the command line like so

docker run --rm -e PLUGIN_HOST=example.dev -e PLUGIN_USER=nemonik -e PLUGIN_KEY="$(cat /home/nemonik/.ssh/ephemeral)" -e PLUGIN_SCRIPT="whoami" -v $(pwd):$(pwd) -w $(pwd) appleboy/drone-ssh:latest

I get:

2017/02/27 19:40:58 example.dev: commands:  whoami
2017/02/27 19:40:59 example.dev: outputs: nemonik

2017/02/27 19:40:59 Successfully executed commands to all host.

nemonik commented 7 years ago

Am I missing something like fundamentally stupid?

nemonik commented 7 years ago

Cloned and added debugging fmt.Println's and then determined I needed --image=ephemeral/drone-ssh in the drone secret add. I could finally see the key

drone secret add --image=ephemeral/drone-ssh Ephemeral/nodejs-helloworld SSH_KEY @/home/nemonik/.ssh/ephemeral

but...

nemonik commented 7 years ago

Still getting same

2017/02/27 19:32:21 example.dev: commands:  whoami
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x5d42e3]
goroutine 18 [running]:
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.publicKeyCallback.auth(0xc42007f540, 0xc42007fb20, 0x20, 0x20, 0xc42000a36c, 0x7, 0x784c20, 0xc42008c840, 0x782620, 0xc42006e630, ...)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client_auth.go:193 +0xb3
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.(*connection).clientAuthenticate(0xc42007a680, 0xc4200940c0, 0x0, 0xa)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client_auth.go:36 +0x369
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.(*connection).clientHandshake(0xc42007a680, 0xc42006eed0, 0x22, 0xc4200940c0, 0x0, 0x0)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client.go:105 +0x2e6
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.NewClientConn(0x786e20, 0xc42007c050, 0xc42006eed0, 0x22, 0xc420067ad8, 0x786e20, 0xc42007c050, 0x0, 0x0, 0xc42007f540, ...)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client.go:75 +0xe2
github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh.Dial(0x676bf0, 0x3, 0xc42006eed0, 0x22, 0xc420067ad8, 0x22, 0x0, 0x1)
    /srv/app/src/github.com/appleboy/drone-ssh/vendor/golang.org/x/crypto/ssh/client.go:169 +0xb3
github.com/appleboy/drone-ssh/easyssh.(*MakeConfig).connect(0xc420067ed0, 0x0, 0x0, 0x0)
    /srv/app/src/github.com/appleboy/drone-ssh/easyssh/easyssh.go:77 +0x16e
github.com/appleboy/drone-ssh/easyssh.(*MakeConfig).Stream(0xc420067ed0, 0xc42000a10e, 0x6, 0x33, 0x47, 0x50, 0x7a5860)
    /srv/app/src/github.com/appleboy/drone-ssh/easyssh/easyssh.go:95 +0x40
github.com/appleboy/drone-ssh/easyssh.(*MakeConfig).Run(0xc420067ed0, 0xc42000a10e, 0x6, 0x6769b0, 0x1, 0xc42000a10e, 0x6)
    /srv/app/src/github.com/appleboy/drone-ssh/easyssh/easyssh.go:130 +0x5d
main.Plugin.Exec.func1(0xc42000a26b, 0xa, 0x0, 0x0, 0xc42000a36c, 0x7, 0x0, 0x0, 0xc42006a8a0, 0x1, ...)
    /srv/app/src/github.com/appleboy/drone-ssh/plugin.go:71 +0x31e
created by main.Plugin.Exec
    /srv/app/src/github.com/appleboy/drone-ssh/plugin.go:79 +0x176

error. GRRRR.

PeterCat12 commented 7 years ago

I am confused why your image in drone secret add --image=ephemeral/drone-ssh Ephemeral/nodejs-helloworld SSH_KEY @/home/nemonik/.ssh/ephemeral should not be --image=appleboy/drone-ssh? Wouldn't your drone.yml also have to use ephemeral/drone-ssh as an image? It was my understanding that the image specified in the drone.yml should match the one you specify in the drone secret add command.

PeterCat12 commented 7 years ago

In addition, I cannot tell what I am doing differently from nemonik but I keep getting drone-ssh error: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

I assume this means my key is not being properly injected into the image? Is there a proper way to verify if those secrets are being injected or not?

nemonik commented 7 years ago

@PeterCat12, I cloned the appleboy/drone-ssh repo, added logging to print out p inside the Exec function in plugin.go to verify envs were being passed, then built the image.

I added SSH_KEY_PATH and SSH_KEY secrets via drone respectively like so

drone secret add --image=ephemeral/drone-ssh Ephemeral/nodejs-helloworld SSH_KEY_PATH /home/nemonik/.ssh/ephemeral
drone secret add --image=ephemeral/drone-ssh Ephemeral/nodejs-helloworld SSH_KEY @/home/nemonik/.ssh/ephemeral

Passing SSH_KEY_PATH ephemeral/drone-ssh spits out

{
    "Config": {
        "Key": "${SSH_KEY_PATH}",
        "KeyPath": "/home/nemonik/.ssh/ephemeral",
        "UserName": "nemonik",
        "Password": "",
        "Host": [
            "example.dev"
        ],
        "Port": 22,
        "Timeout": 0,
        "Script": [
            "whoami"
        ]
    }
}

for .drone.yml entry

  ssh-deploy:
#    image: appleboy/drone-ssh
    image: ephemeral/drone-ssh
#    pull: true
    host: example.dev
    port: 22
    user: nemonik    
    key: ${SSH_KEY_PATH}
    script:
      - whoami

And then for the SSH_KEY

{
    "Config": {
        "Key": "${SSH_KEY}",
        "KeyPath": "/home/nemonik/.ssh/ephemeral",
        "UserName": "nemonik",
        "Password": "",
        "Host": [
            "example.dev"
        ],
        "Port": 22,
        "Timeout": 0,
        "Script": [
            "whoami"
        ]
    }
}

for .drone.yml entry

  ssh-deploy:
#    image: appleboy/drone-ssh
    image: ephemeral/drone-ssh
#    pull: true
    host: example.dev
    port: 22
    user: nemonik    
    key: ${SSH_KEY}
    script:
      - whoami

nemonik commented 7 years ago

Notice in prior comment in both instances the plugin.go code favored the KeyPath because I had left both the SSH_KEY_PATH and SSH_KEY as drone secrets, but if I re-run after removing the SSH_KEY_PATH secret the plugin spits out

{
    "Config": {
        "Key": "${SSH_KEY}",
        "KeyPath": "",
        "UserName": "nemonik",
        "Password": "",
        "Host": [
            "example.dev"
        ],
        "Port": 22,
        "Timeout": 0,
        "Script": [
            "whoami"
        ]
    }
}
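
The states reported in this thread (the plugin printing `"Key": "${SSH_KEY}"` unsubstituted, a script echo showing `@/file/path` instead of key text) can be told apart before any SSH handshake is attempted. The following is an added example, not drone-ssh code: `ValidateKey`, the `Err...` values and the sample-key helpers are hypothetical names, the key is generated at run time as constructed input, and it goes beyond the thread's cases by also covering empty, encrypted and truncated keys. It uses only the standard library, so OPENSSH-format blocks are reported as unsupported rather than parsed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// Hypothetical error values for this example; they are not drone-ssh identifiers.
var (
	ErrEmpty         = errors.New("key is empty: the secret was not injected into this step")
	ErrPlaceholder   = errors.New("key still contains ${NAME}: the secret was not substituted")
	ErrFileReference = errors.New("key is a literal @path: the file content was never read")
	ErrNotPEM        = errors.New("key is not PEM encoded")
	ErrEncrypted     = errors.New("key is passphrase protected")
	ErrUnparsable    = errors.New("PEM block does not parse as a private key")
)

// placeholder matches an unexpanded ${NAME} reference such as ${SSH_KEY}.
var placeholder = regexp.MustCompile(`\$\{[A-Za-z_][A-Za-z0-9_]*\}`)

// ValidateKey classifies the value a step received as its key setting and
// returns the PEM block type on success. It never echoes the key material.
func ValidateKey(raw string) (string, error) {
	s := strings.TrimSpace(raw)
	switch {
	case s == "":
		return "", ErrEmpty
	case placeholder.MatchString(s):
		return "", ErrPlaceholder
	case strings.HasPrefix(s, "@"):
		return "", ErrFileReference
	}
	block, _ := pem.Decode([]byte(s))
	if block == nil {
		return "", ErrNotPEM
	}
	if strings.Contains(block.Headers["Proc-Type"], "ENCRYPTED") {
		return "", ErrEncrypted
	}
	var err error
	switch block.Type {
	case "RSA PRIVATE KEY":
		_, err = x509.ParsePKCS1PrivateKey(block.Bytes)
	case "EC PRIVATE KEY":
		_, err = x509.ParseECPrivateKey(block.Bytes)
	case "PRIVATE KEY":
		_, err = x509.ParsePKCS8PrivateKey(block.Bytes)
	default:
		// e.g. "OPENSSH PRIVATE KEY", which the standard library cannot parse.
		return "", fmt.Errorf("%w: unsupported block type %q", ErrUnparsable, block.Type)
	}
	if err != nil {
		return "", fmt.Errorf("%w: %v", ErrUnparsable, err)
	}
	return block.Type, nil
}

// SampleKeyPEM generates a throwaway ECDSA P-256 key (constructed test input).
func SampleKeyPEM() string {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	der, err := x509.MarshalECPrivateKey(k)
	if err != nil {
		panic(err)
	}
	return string(pem.EncodeToMemory(&pem.Block{Type: "EC PRIVATE KEY", Bytes: der}))
}

// TruncateKeyPEM keeps the PEM armor but drops half of the DER body, like a
// key that was cut short on its way into the secret store.
func TruncateKeyPEM(pemKey string) string {
	b, _ := pem.Decode([]byte(pemKey))
	return string(pem.EncodeToMemory(&pem.Block{Type: b.Type, Bytes: b.Bytes[:len(b.Bytes)/2]}))
}

func main() {
	good := SampleKeyPEM()
	cases := []struct{ name, key string }{
		{"unsubstituted", "${SSH_KEY}"},         // value shown in the plugin's debug print
		{"file-ref", "@/home/user/.ssh/id_rsa"}, // value shown by the script echo
		{"empty", ""},
		{"truncated", TruncateKeyPEM(good)},
		{"valid", good},
	}
	for _, c := range cases {
		if typ, err := ValidateKey(c.key); err != nil {
			fmt.Printf("%-14s REJECT  %v\n", c.name, err)
		} else {
			fmt.Printf("%-14s ACCEPT  %s\n", c.name, typ)
		}
	}
}
```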

PeterCat12 commented 7 years ago

Ah. Apologies. The fact that you cloned the repo went right by me. Isn't this only verifying that the config is successfully being changed and not that the resulting docker image holds the correct environment variables? That is what I am interested in. Since my version of

docker run --rm -e PLUGIN_HOST=example.dev -e PLUGIN_USER=nemonik -e PLUGIN_KEY="$(cat /home/nemonik/.ssh/ephemeral)" -e PLUGIN_SCRIPT="whoami" -v $(pwd):$(pwd) -w $(pwd) appleboy/drone-ssh:latest

works fine for me on the CL but drone keeps throwing up.

nemonik commented 7 years ago

Same here works fine when you run from docker, but not through drone...

I'm now working through what github.com/appleboy/drone-ssh/easyssh is doing when it gets called...

What is your host OS? Mine is CentOS Linux release 7.3.1611 (Core).

PeterCat12 commented 7 years ago

host OS is a Ubuntu 16.04.1 LTS.

nemonik commented 7 years ago

I copied my private key out of /home/nemonik/.ssh/ephemeral to /home/nemonik and changed group and other rights to permit reading the key, and then triggered a build... This time the SSH_KEY env is holding the contents of my private key vice not.

Printing out the env variables

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=efda408c7aee
PLUGIN_PORT=22
DRONE_REPO_TRUSTED=false
DRONE_VERSION=0.5.0+826
SSH_KEY=-----BEGIN RSA PRIVATE KEY-----
7NWuL0VJ4d3luUR2u3RQYJqQqxleWBw72R3bMijFcYLuk939nD17iauCiwiYmlkX
liSWuz1oYgVejztVeLGWJ8m/1tFyt9gtfb7ekdqnVpIJEiHFnlN1UWFeDIlYVRXj
<snip>
lyEAdRUCgYEA5xPu0N4FspHGv0HtMTLMlqc1Ac9+teIexuDNQsLoZEppr2OA63vM
+/B+e7DX4cHTdGv2KUVnjvKM6nmiRsUlMTPtoSh52C7Dc5thqoHCSeNQv4K9G8vq
-----END RSA PRIVATE KEY-----
DRONE_ARCH=linux/amd64
PLUGIN_SCRIPT=whoami
DRONE_JOB_FINISHED=0
DRONE_JOB_STATUS=running
DRONE_REPO_OWNER=Ephemeral
DRONE_JOB_NUMBER=1
DRONE_COMMIT_AUTHOR=nemonik
DRONE_COMMIT_SHA=89fcca9d3adc5d0d4ec2f5584e1b1d0df5f5fee8
DRONE_COMMIT_BRANCH=master
DRONE=true
DRONE_BUILD_EVENT=push
DRONE_REPO_NAME=nodejs-helloworld
DRONE_JOB_EXIT_CODE=0
DRONE_REPO_LINK=http://example.dev:10080/Ephemeral/nodejs-helloworld
DRONE_BUILD_STARTED=0
DRONE_PREV_COMMIT_SHA=ffef83d7c945c77c9712c201f137a78a8e6d15c
DRONE_REMOTE_URL=http://example.dev:10080/Ephemeral/nodejs-helloworld.git
DRONE_BUILD_LINK=http://example.dev:8000/Ephemeral/nodejs-helloworld/100
DRONE_REPO=Ephemeral/nodejs-helloworld
DRONE_YAML_VERIFIED=true
PLUGIN_HOST=example.dev
DRONE_REPO_BRANCH=master
DRONE_REPO_PRIVATE=false
DRONE_COMMIT_REF=refs/heads/master
PLUGIN_USER=nemonik
PLUGIN_KEY=${SSH_KEY}
DRONE_YAML_SIGNED=true
DRONE_BUILD_CREATED=1488315481
DRONE_PREV_BUILD_STATUS=failure
DRONE_BUILD_NUMBER=100
CI=drone
DRONE_BUILD_FINISHED=0
DRONE_PREV_BUILD_NUMBER=99
DRONE_JOB_STARTED=1488315481
DRONE_COMMIT_MESSAGE=trigger build
DRONE_COMMIT_AUTHOR_AVATAR=https://www.gravatar.com/avatar/0625457a68a9f7cc74f99680427430e3.jpg?s=128
DRONE_BRANCH=master
DRONE_BUILD_STATUS=success
DRONE_COMMIT_AUTHOR_EMAIL=nemonik@example.dev
DRONE_COMMIT=89fcca9d3adc5d0d4ec2f5584e1b1d0df5f5fee8
HOME=/root

p in plugin.go is

{
    "Config": {
        "Key": "${SSH_KEY}",
        "KeyPath": "",
        "UserName": "nemonik",
        "Password": "",
        "Host": [
            "example.dev"
        ],
        "Port": 22,
        "Timeout": 0,
        "Script": [
            "whoami"
        ]
    }
}

still getting

2017/02/28 20:58:03 example.dev: commands:  whoami
panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xb code=0x1 addr=0x20 pc=0x591650]
goroutine 19 [running]:
panic(0x6efa00, 0xc82000a0a0)
    /usr/lib/golang/src/runtime/panic.go:481 +0x3e6
golang.org/x/crypto/ssh.publicKeyCallback.auth(0xc82006f860, 0xc820010d20, 0x20, 0x20, 0xc820075050, 0x7, 0x7f7dc1169550, 0xc8200fc000, 0x7f7dc1129358, 0xc820078540, ...)
    /home/nemonik/golang/src/golang.org/x/crypto/ssh/client_auth.go:193 +0x170
golang.org/x/crypto/ssh.(*connection).clientAuthenticate(0xc8200f0100, 0xc8200f6000, 0x0, 0x0)
    /home/nemonik/golang/src/golang.org/x/crypto/ssh/client_auth.go:36 +0x538
golang.org/x/crypto/ssh.(*connection).clientHandshake(0xc8200f0100, 0xc8200793e0, 0x22, 0xc8200f6000, 0x0, 0x0)
    /home/nemonik/golang/src/golang.org/x/crypto/ssh/client.go:105 +0x457
golang.org/x/crypto/ssh.NewClientConn(0x7f7dc11650b0, 0xc82002c008, 0xc8200793e0, 0x22, 0xc8200bf8f8, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
    /home/nemonik/golang/src/golang.org/x/crypto/ssh/client.go:75 +0x125
golang.org/x/crypto/ssh.Dial(0x751c88, 0x3, 0xc8200793e0, 0x22, 0xc8200bf8f8, 0x22, 0x0, 0x0)
    /home/nemonik/golang/src/golang.org/x/crypto/ssh/client.go:169 +0x104
_/home/nemonik/Development/workspace/ephemeral/drone-ssh/easyssh.(*MakeConfig).connect(0xc8200bfe88, 0x1, 0x0, 0x0)
    /home/nemonik/Development/workspace/ephemeral/drone-ssh/easyssh/easyssh.go:79 +0x55b
_/home/nemonik/Development/workspace/ephemeral/drone-ssh/easyssh.(*MakeConfig).Stream(0xc8200bfe88, 0xc82001008e, 0x6, 0x0, 0x0, 0x0, 0x0)
    /home/nemonik/Development/workspace/ephemeral/drone-ssh/easyssh/easyssh.go:108 +0x8b0

_/home/nemonik/Development/workspace/ephemeral/drone-ssh/easyssh.(*MakeConfig).Run(0xc8200bfe88, 0xc82001008e, 0x6, 0x0, 0x0, 0x0, 0x0)
    /home/nemonik/Development/workspace/ephemeral/drone-ssh/easyssh/easyssh.go:143 +0x75
main.Plugin.Exec.func1(0xc820075006, 0xa, 0x0, 0x0, 0xc820075050, 0x7, 0x0, 0x0, 0xc820074ea0, 0x1, ...)
    /home/nemonik/Development/workspace/ephemeral/drone-ssh/plugin.go:100 +0x350
created by main.Plugin.Exec
    /home/nemonik/Development/workspace/ephemeral/drone-ssh/plugin.go:108 +0xc7d

After modifying plugin.go to use the /easyssh vice the GitHub path to.

nemonik commented 7 years ago

@PeterCat12 and @appleboy:

So, awoke with the solution.

If you set an SSH_KEY secret like so

drone secret add --image=appleboy/drone-ssh Ephemeral/nodejs-helloworld SSH_KEY @/home/nemonik/.ssh/ephemeral

And then set up the pipeline like so:

  ssh-deploy:
    image: appleboy/drone-ssh
    pull: true
    host: example.dev
    port: 22
    user: nemonik    
    key: ${SSH_KEY}
    script:
      - whoami

The container/plugin will have an SSH_KEY environment variable containing the text of your private key, but a PLUGIN_KEY environment variable containing, well, ${SSH_KEY}. The SSH_KEY environment variable is ignored, but the PLUGIN_KEY environment variable is used to set p.Config.Key and this goes in easydrone to attempt the SSH connection resulting in a fail.

One has to understand all these parameters show up in the container/plugin prepended with PLUGIN_ and then the all caps form of the parameter.

So, you drone secret rm the SSH_KEY and instead set a PLUGIN_KEY like so

drone secret add --image=appleboy/drone-ssh Ephemeral/nodejs-helloworld PLUGIN_KEY @/home/nemonik/.ssh/ephemeral

and then modify your pipeline to:

  ssh-deploy:
    image: appleboy/drone-ssh
    pull: true
    host: example.dev
    port: 22
    user: nemonik    
    script:
      - whoami

Yeah, you don't even pass a key value as it already exists as secret. Trigger your build and things run fine like so:

2017/03/03 16:23:24 example.dev commands:  whoami
2017/03/03 16:23:24 example.dev: outputs: nemonik
2017/03/03 16:23:24 Successfully executed commands to all host.

I would suggest updating the documentation.
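The check below is an added example, not code from drone-ssh or from this thread: it shows how a plugin could reject the literal ${SSH_KEY} described above (and an empty or non-PEM value) before any SSH authentication is attempted. checkPluginKey, the error names and the constructed PEM sample are hypothetical; only the Go standard library is used.

```go
package main

import (
	"encoding/pem"
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// A value that is nothing but an unexpanded ${NAME} reference.
var placeholder = regexp.MustCompile(`^\$\{[A-Za-z_][A-Za-z0-9_]*\}$`)

var (
	ErrNoKey       = errors.New("PLUGIN_KEY is empty")
	ErrPlaceholder = errors.New("PLUGIN_KEY holds an unexpanded ${...} reference")
	ErrNotPEM      = errors.New("PLUGIN_KEY is not a PEM private key")
)

// checkPluginKey (hypothetical helper, not part of drone-ssh) validates the key
// text in the plugin's environment; errors never echo key material back.
func checkPluginKey(env map[string]string) error {
	key := strings.TrimSpace(env["PLUGIN_KEY"])
	switch {
	case key == "":
		return ErrNoKey
	case placeholder.MatchString(key):
		return fmt.Errorf("%w: got %s", ErrPlaceholder, key)
	}
	block, _ := pem.Decode([]byte(key))
	if block == nil || !strings.HasSuffix(block.Type, "PRIVATE KEY") {
		return ErrNotPEM
	}
	return nil
}

// Constructed sample input: PEM framing around a dummy body, not a real key.
const constructedPEM = "-----BEGIN RSA PRIVATE KEY-----\nQ09OU1RSVUNURUQ=\n-----END RSA PRIVATE KEY-----\n"

func main() {
	cases := []map[string]string{
		{"SSH_KEY": constructedPEM, "PLUGIN_KEY": "${SSH_KEY}"}, // failing setup from the thread
		{"PLUGIN_KEY": constructedPEM},                          // working setup from the thread
		{"PLUGIN_HOST": "example.dev"},                          // no key secret at all
	}
	for _, env := range cases {
		fmt.Println(checkPluginKey(env))
	}
}
```

A value that passes this check is only well-formed PEM; whether the remote host accepts the key is still decided during the SSH handshake.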

PeterCat12 commented 7 years ago

Can't wait to get home and test this!!! Thanks so much @nemonik.

appleboy commented 7 years ago

@nemonik @PeterCat12

How do you guys install drone server? Docker container or build binary by yourself?

PeterCat12 commented 7 years ago

@appleboy I installed it per the documentation tutorial for drone 0.5: http://readme.drone.io/0.5/install/server/

PeterCat12 commented 7 years ago

@nemonik, @appleboy unfortunately I am still not able to load up my private key to the docker container:

drone-ssh error: ssh: handshake failed: ssh: unable to authenticate, attempted methods [publickey none], no supported methods remain
ssh: handshake failed: ssh: unable to authenticate, attempted methods [publickey none], no supported methods remain

My yml:

ssh-deploy:
    image: appleboy/drone-ssh
    host: my host
    user: ubuntu
    port: 22
    script:
      - whoami

My secret command: drone secret add --image=appleboy/drone-ssh --skip-verify --event pull_request PeterCat12/SmashDB PLUGIN_KEY @/home/peter/Projects/keys/id_rsa

My command to run my drone server: sudo docker run -d --env-file /etc/drone/dronerc -v /var/lib/drone/:/var/lib/drone -p 80:8000 --restart=always --name=drone drone/drone:0.5

my dronerc file (not real secrets/clientid):

DRONE_YAML=.drone.yml
DRONE_DEBUG=true
DRONE_GITHUB=true
DRONE_SECRET=secert
DRONE_GITHUB_CLIENT=clientid
DRONE_GITHUB_SECRET=secret
DRONE_OPEN=true
DRONE_ADMIN=PeterCat12

PeterCat12 commented 7 years ago

Cloned and am printing out my p.Config. My key is successfully being set with the following drone.yml:

pipeline:
  ssh-deploy:
    image: petercat/drone-ssh
    host: host
    user: ubuntu
    port: 22
    pull: true
    script:
      - whoami
    when:
      event: [push, pull_request, tag, deployment]

printing out my config locally and on my drone server yields identical results.

{
    "Key": "----privatekey---",
    "KeyPath": "",
    "UserName": "ubuntu",
    "Password": "",
    "Host": ["host"],
    "Port": 22,
    "Timeout": 0,
    "CommandTimeout": 60,
    "Script": ["whoami"],
    "Proxy": {
        "User": "root",
        "Server": "",
        "Key": "",
        "KeyPath": "",
        "Port": "22",
        "Password": "",
        "Timeout": 0
    }
}

It seems that @nemonik is correct in that I don't have to set my key in the drone .yml. However, I am still getting handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain. I can successfully run docker run --rm -e PLUGIN_HOST=host -e PLUGIN_USER=ubuntu -e PLUGIN_KEY="$(cat /home/peter/Projects/keys/id_rsa)" -e PLUGIN_SCRIPT="whoami" petercat/drone-ssh both locally and on my EC2 instance. However, the drone server (on the ec2 instance) for some reason cannot authenticate... @appleboy What version of drone + docker are you running?

PeterCat12 commented 7 years ago

JESUS. One of the biggest face palm moments of my life. I was specifying the same host ec2 instance as the one drone was running on and NOT the target ec2 instance where I wanted to SSH into.

appleboy commented 7 years ago

@nemonik Can you help me try the latest drone-ssh version?

appleboy commented 7 years ago

@PeterCat12 You're missing the key setting in the drone config.

nemonik commented 7 years ago

Sure. I will pull and install today.

On Jun 7, 2017 1:52 AM, "Bo-Yi Wu" notifications@github.com wrote:

@nemonik https://github.com/nemonik Can you help me try the latest drone-ssh version?
