Closed meodemsao closed 5 years ago
The ansible error is pretty obvious, your provided ssh key got an invalid format. Import it properly as a drone secret and it works totally fine.
@tboerger I added ansible_private_key key as a drone secret with plugins/ansible (latest)
- name: apply ansible playbook
image: plugins/ansible
settings:
playbook: ./.ansible/playbook.yml
inventory: ./.ansible/host
private_key:
from_secret: ansible_private_key
`
My private key format
-----BEGIN OPENSSH PRIVATE KEY-----
code
-----END OPENSSH PRIVATE KEY-----
I have any mistake
Please try again with a key in the format:
-----BEGIN RSA PRIVATE KEY-----
SNIP
-----END RSA PRIVATE KEY-----
@tboerger I has been try this but have same this error
@meodemsao How do you add your key as a secret? From the WebUI? This can be the reason for the invalid key. Try to add the key with drone cli:
drone secret add --repository octocat/hello-world --name ansible_private_key --data @/root/ssh/id_rsa
@xoxys I add from webui, this is a problem ? I will try with drone cli
Sometimes it could lead to problems with multi-line secrets like SSH keys.
I add success ansible_private_key to drone
drone secret add --repository xxx/xxx --name ansible_private_key --data ~/.ssh/id_rsa
but have same error
Nope you did not. Look at my example above. The @ has to be there and use absolute filepath to your private key
with your command the secret got the value ~/.ssh/id_rsa
, but it doesn't contain the file content.
@xoxys thanks 👍
@meodemsao works?
@xoxys yes 💯
Great! We need to document this a bit better. It is very hard to finde in the docs..
Sorry to open this issue again. What's the recommended way of adding a secret from a file when drone runs in docker? Seems like the 'drone' binary isn't available in Docker.
The drone CLI tool was AFAIK never part of the drone server docker image. It is intended to be used from a client/workstation. See https://docs.drone.io/cli/install/
The drone CLI tool was AFAIK never part of the drone server docker image. It is intended to be used from a client/workstation. See https://docs.drone.io/cli/install/
Thanks! Never realized there was a separate CLI utility. Sorry, should have found it on my own.
Hi! So, back in time... For those who uses Drone as docker image (like @nickbouwhuis and me) should install the cli inside the docker image?
This is an incredibly frustrating quirk. I have a key in a secret that I created through the Web UI which works perfectly for appleboy/drone-ssh, yet fails with this plugin.
I have tried every combination possible I add my key like so
drone secret add --repository my/repo --name ssh_private_key --data @/root/.ssh/id_rsa
I then need to use it inside my pipeline like so:
name: Set up SSH, Install Rust and build release image: ubuntu:20.04 commands:
chmod 600 ~/.ssh/id_rsa
the private key is definitely loaded:
But i get this error:
ssh://my.host:222/Repo/package
Warning: Permanently added '[my.host]:222,[my.host.ip]:222' (ECDSA) to the list of known hosts.
Load key "/root/.ssh/id_rsa": invalid format
root@my.host: Permission denied (publickey).
fatal: Could not read from remote repository.the key is definitely the correct key
Any help is much appreciated, this is affecting a lot :(
I have issue when using plugin with ssh key logged from my local machine
UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Warning: Permanently added 'x.x.x.x' (ECDSA) to the list of known hosts.\r\nLoad key \"/tmp/privateKey112652127\": invalid format\r\n****@x.x.x.x: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n", "unreachable": true}