[英]SSH key passphrase with git pull using Fabric
I'm trying to automate deployment of application using fabric. 我正在尝试使用fabric自动部署应用程序。
The application code is hosted on GitHub and rolling out a new version is very straightforward - just do 'git pull' and that's it. 应用程序代码托管在GitHub上,推出一个新版本非常简单 - 只需要'git pull'就可以了。 The application is hosted on 100 servers, so I would like to automate deployment.
该应用程序托管在100台服务器上,因此我希望自动部署。 Fabfile.py:
Fabfile.py:
def deploy():
code_path = '/home/myuser/myapp'
with cd(code_path):
run('git pull')
run('git submodule update --init --recursive')
The problem is, on every git command I get a promt: Enter passphrase for key '/home/myuser/.ssh/id_rsa
: 问题是,在每个git命令上我得到一个promt:
Enter passphrase for key '/home/myuser/.ssh/id_rsa
:
Is there a way to automatically input the passphrase? 有没有办法自动输入密码? It's the same on every server and the same as sudo password
它在每台服务器上都是一样的,与sudo密码相同
I've tried to fexpect library , but I'm wondering whether there is better (ie standard) way of doing it. 我曾尝试过访问库 ,但我想知道是否有更好的(即标准的)方法。
You can also use a ssh key agent and use the agent forwarding. 您还可以使用ssh密钥代理并使用代理转发。 Always put a password on keys.
始终在密钥上输入密码。 Github has good docs on how to utilize this here .
Github在这里有如何利用它的好文档。
Fabric should now also have agent forwarding ability. Fabric现在也应该具有代理转发能力。 I've run into troubles with it in some corner cases, but gotten around them with an explicit local('ssh -A...) as a work around until the issue is resolved.
我在一些极端情况下遇到了麻烦,但是在问题解决之前,用一个明确的本地('ssh -A ...)作为解决方法绕过它们。
Although I consider ssh-aget forwarding described in the accepted answer to be a preferable solution (if you get it worked), but there is alternative to it, provided by Fabric itself: 虽然我认为在接受的答案中描述的ssh-aget转发是一个更好的解决方案(如果你使它工作),但有替代它,由Fabric本身提供:
Fabric has it's own "password" settings option (ie env.password
entry). Fabric有自己的“密码”设置选项(即
env.password
条目)。 you can make fabric to automatically input the passphrase (and sudo passwod) if you set the env.password
( see documentation ): 如果设置
env.password
可以使fabric自动输入密码(和sudo passwod)( 参见文档 ):
password
密码
Default:
None
默认值:
None
The default password used by the SSH layer when connecting to remote hosts, and/or when answering sudo prompts.
连接到远程主机时和/或回答sudo提示时SSH层使用的默认密码。
You can set password with it either of following options : 您可以使用以下任一选项设置密码 :
env.password = 'PASSWORD'
directly in code inside "fabfile.py", env.password = 'PASSWORD'
, fab
command, using -p PASSWORD
or --password=PASSWORD
( documentation ). fab
命令的选项,使用-p PASSWORD
或--password=PASSWORD
( 文档 )。 passwod=PASSWORD
line in a ~/.fabricrc
( documentation ) which gets loaded before each fab
command and neither command line option nor code change is required if you use this option. passwod=PASSWORD
行放在~/.fabricrc
( 文档 )中,该文件在每个fab
命令之前加载,如果使用此选项,则不需要命令行选项和代码更改。 Don't use pass phrases when making a key. 制作钥匙时不要使用密码短语。 Simply press enter and then again to confirm.
只需按Enter键再按确认即可。 You can also have more than one key.
您还可以拥有多个密钥。 Some with passwords, some without.
有些用密码,有些没用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.