abe*_*ier 3 git ssh github kubernetes sshpass
我在 Kubernetes 中有一个alpine映像,在其中我尝试使用 Deploy Key(带密码)推送到 Git。
现在我的command样子:
command: ["/bin/sh", "-c", "GIT_SSH_COMMAND=\"sshpass -p mygreatpassphrase ssh -vvv\" git -C /workspace push --mirror git@github.com:foo/bar.git"]
结果是:
<snip>
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug1: Will attempt key: /.ssh/id_rsa
debug1: Will attempt key: /.ssh/id_dsa
debug1: Will attempt key: /.ssh/id_ecdsa
debug1: Will attempt key: /.ssh/id_ed25519
debug1: Will attempt key: /.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /.ssh/id_rsa
它无限期地挂在这条线上。可悲的是,ssh 似乎没有更详细的输出。我不确定问题是sshpass在容器内部还是实际问题出在哪里。
在 Docker 中构建也挂起:
FROM alpine/git
RUN apk add --no-cache sshpass
RUN sshpass -p foo /bin/sh -c 'read X < /dev/tty'
sshpass 已打开以下文件:
lr-x------ 1 tempuser root 64 Jul 31 10:43 0 -> pipe:[380942247]
l-wx------ 1 tempuser root 64 Jul 31 10:43 1 -> pipe:[380942248]
l-wx------ 1 tempuser root 64 Jul 31 10:43 2 -> pipe:[380944011]
lrwx------ 1 tempuser root 64 Jul 31 10:43 3 -> /dev/pts/ptmx
lrwx------ 1 tempuser root 64 Jul 31 10:43 4 -> /dev/pts/0
ssh 相反:
lr-x------ 1 tempuser root 64 Jul 31 09:23 0 -> pipe:[380942247]
l-wx------ 1 tempuser root 64 Jul 31 09:23 1 -> pipe:[380942248]
l-wx------ 1 tempuser root 64 Jul 31 09:23 2 -> pipe:[380944011]
lrwx------ 1 tempuser root 64 Jul 31 09:23 3 -> socket:[380944638]
lrwx------ 1 tempuser root 64 Jul 31 10:43 4 -> /dev/tty
对于 Keys with Passphrase,SSH 提示不同。所以不得不使用-P assphrase以下命令更改提示:
command: ["/bin/sh", "-c", "GIT_SSH_COMMAND=\"sshpass -p mygreatpassphrase -P assphrase ssh -vvv\" git -C /workspace push --mirror git@github.com:foo/bar.git"]