Error deploying a Docker container to EC2 via GitLab CI/CD: load pubkey "/root/.ssh/id_rsa": invalid format

gyf*_*ong 5 ssh amazon-ec2 docker gitlab-ci gitlab-ci-runner

I'm currently trying to deploy my NodeJS API by dockerising it and putting it on EC2, but I've hit a dead end with this error: load pubkey "/root/.ssh/id_rsa": invalid format

Things I've tried

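  • Converting my private RSA key from PSK1 to PSK8
  • Setting the protected variable to false (and various combinations with the above)
  • Using apt-get install openssl-client inside Docker to convert the private RSA key (but apparently I'm missing apt-get, so I also tried apk, which didn't work either......????)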

Suspicious:

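  • The error mentions pubkey, but all the tutorials say to use my pem key, which was generated from my EC2 setup. So maybe I'm missing a pubkey? But I can't find any material that says otherwise.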

gitlab-ci.yml

    image: docker:19.03.12
    variables:
      DOCKER_TLS_CERTDIR: "/certs"
      DOCKER_DRIVER: overlay2
    services:
      - docker:19.03.0-dind
    before_script:
      - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
    stages:
      - build
      - deploy
    build:
      stage: build
      script:
        # - docker build --tag $CI_REGISTRY/$CI_PROJECT_PATH:latest . 
        # - docker push $CI_REGISTRY/$CI_PROJECT_PATH:latest
        - docker pull $CI_REGISTRY_IMAGE:latest || true
        - docker build --cache-from $CI_REGISTRY_IMAGE:latest --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA --tag $CI_REGISTRY/$CI_PROJECT_PATH:latest . 
        - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
        - docker push $CI_REGISTRY/$CI_PROJECT_PATH:latest
    deploy:
      stage: deploy
      only:
        - master
      script:
        ###### Login to deployment server using SSH #####
        - mkdir -p ~/.ssh
        - echo "$DEPLOY_SERVER_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa
        - chmod 700 ~/.ssh/id_rsa
        - '[[ -f ./dockerenv ]] && echo -e "Host *\n\tStrickHostKeyChecking no\n\n" > ~/.ssh/config'
        - 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
        - eval "$(ssh-agent -s)"
        - ssh-add ~/.ssh/id_rsa
        - ssh-keyscan -H $DEPLOYMENT_SERVER_IP >> ~/.ssh/known_hosts  
        ###### Pull the registry to deployment server and recreate the docker service #####
        - ssh $DEPLOYMENT_SERVER_USERNAME@$DEPLOYMENT_SERVER_IP docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY 
        - ssh $DEPLOYMENT_SERVER_USERNAME@$DEPLOYMENT_SERVER_IP docker pull $CI_REGISTRY/$CI_PROJECT_PATH:latest
        - ssh $DEPLOYMENT_SERVER_USERNAME@$DEPLOYMENT_SERVER_IP docker run $CI_REGISTRY/$CI_PROJECT_PATH:latest

gitlab-runner config.toml

    [[runners]]
      name = "docker-runner"
      url = "https://gitlab.com/"
      token = "secretkey"
      executor = "docker"
      [runners.custom_build_dir]
      [runners.cache]
        [runners.cache.s3]
        [runners.cache.gcs]
      [runners.docker]
        tls_verify = false
        image = "docker:19.03.12"
        privileged = true
        disable_entrypoint_overwrite = false
        oom_kill_disable = false
        disable_cache = false
        volumes = ["/certs/client", "/cache"]
        shm_size = 0

CI runner output

    $ ssh $DEPLOYMENT_SERVER_USERNAME@$DEPLOYMENT_SERVER_IP docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
    load pubkey "/root/.ssh/id_rsa": invalid format
    Login Succeeded
    $ ssh $DEPLOYMENT_SERVER_USERNAME@$DEPLOYMENT_SERVER_IP docker pull $CI_REGISTRY/$CI_PROJECT_PATH:latest
    load pubkey "/root/.ssh/id_rsa": invalid format