stackoom
  简体   繁体   中英

GitLab-CI: can't deploy using lftp any more

 原文  2021-08-19 16:17:00       gitlab/ continuous-integration/ gitlab-ci/ sftp

Question

I have a problem with my deploy script in GitLab CI which used to work for the last two years. Since a week or so, the auto-verification of the root ECDSA is not working (I'm using lftp to deploy some files) .

This is how the output of the pipeline used to looked like.

$ lftp -u $FTP_USERNAME,$FTP_PASSWORD -p 22 sftp://my.ftp.server -e "debug; set sftp:auto-confirm yes; mirror --reverse --verbose --delete public/ mount/; bye"
---- Running connect program (ssh -a -x -s -l ftp_products -p 22 my.ftp.server sftp)
---> sending a packet, length=5, type=1(INIT), id=0
<--- The authenticity of host 'my.ftp.server (xxx.xxx.xxx.xxx)' can't be established.
<--- ECDSA key fingerprint is SHA256:Z2s4NdXMJ04EfN3jm4xZ/ZwJE4E6Lj/HP8oHWzIod4M.
<--- Are you sure you want to continue connecting (yes/no)? yes

Note that ssh asks for confirmation whether or not to continue, which is confirmed with yes by the command line option sftp:auto-confirm yes . The pipeline continues as intended.

Since last week, I get this as output from my deploy script:

$ lftp -u $FTP_USERNAME,$FTP_PASSWORD -p 22 sftp://my.ftp.server -e "debug; set sftp:auto-confirm yes; mirror --reverse --verbose --delete public/ mount/; bye"
---- Running connect program (ssh -a -x -s -l ftp_products -p 22 my.ftp.server sftp)
---> sending a packet, length=5, type=1(INIT), id=0
The authenticity of host 'my.ftp.server (xxx.xxx.xxx.xxx)' can't be established.
<--- ECDSA key fingerprint is SHA256:Z2s4NdXMJ04EfN3jm4xZ/ZwJE4E6Lj/HP8oHWzIod4M.
**** Timeout - reconnecting
---- Disconnecting
---- Running connect program (ssh -a -x -s -l ftp_products -p 22 my.ftp.server sftp)
---> sending a packet, length=5, type=1(INIT), id=0
The authenticity of host 'my.ftp.server (xxx.xxx.xxx.xxx)' can't be established.
<--- ECDSA key fingerprint is SHA256:Z2s4NdXMJ04EfN3jm4xZ/ZwJE4E6Lj/HP8oHWzIod4M.
**** Timeout - reconnecting
---- Disconnecting

Note, that ssh isn't even prompting for yes|no , so the command-line option to confirm the fingerprint automatically has no effect.

Has anyone faced this problem before and has a solution?

1 answers

solution1
 0  2021-12-01 20:53:44

I started experiencing the same issue while using node docker image in my GitLab CI, which uses Debian under the hood. I was just using node meaning that in fact it was node:latest , that would most likely use the newest Debian version.

I found the following bug report on Debian website mentioning that there is a problem with lftp and Debian Bullseye version, where that SSH prompt is in fact not displaying. Debian Buster worked just fine.

I switched the image to node:bullseye and this problem persisted. Then I changed the image to the older node:buster and the problem was gone.

I would suggest investigating your image to determine what OS is it based on. If that is Debian as well, try playing around with versions. Hopefully that will get fixed soon.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question lftp fails to run in gitlab-ci, returns shell not found Gitlab-ci and deploy.sh Can't access gitlab-ci environment variables in build.gradle UPD: when using kaniko can't fetch another git repo using .gitmodules in gitlab-ci Deploy a proyect with Gitlab cd/ci and lftp in a server with cpanels is it possible to deploy a simple java web application to a local server using gitlab-ci without docker? GitLab-CI Multi Runner can't fetch gitlab repo and returns http error Build Erlang using gitlab-ci MongoDB server doesn't start at gitlab runner using gitlab-ci How to properly deploy to host from gitlab-ci (+docker)?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM