Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,363,135
Community Members
 
Community Events
168
Community Groups

Bit bucket scp pipe is not using SSH_KEY

Using the SSH_KEY of the pipe https://bitbucket.org/atlassian/scp-deploy/src/master/

is not working.

Every time I get:

scp -rp -i /opt/atlassian/pipelines/agent/ssh/id_rsa_tmp -P 22 Warning: Identity file /opt/atlassian/pipelines/agent/ssh/id_rsa_tmp not accessible: No such file or directory.Host key verification failed.lost connection

 

This is my code: 

- pipe: atlassian/scp-deploy:0.3.4
variables:
USER: $SSH_USER
SSH_KEY: $SSH_DEPLOY_KEY
SERVER: $SSH_SERVER
REMOTE_PATH: '~/back-develop/docker-compose.yml'
LOCAL_PATH: 'docker-compose.yml'
DEBUG: 'true'
EXTRA_ARGS: '-P $SSH_PORT'

The `SSH_DEPLOY_KEY` is normally correct as it is working for the pipe `atlassian/ssh-run`. So it's a base64 encoding of the key that I added to my repository variables.

3 answers

I am having the same issue. I do believe that the SSH_KEY being passed in is the key being used however the issue I see is that when following the instructions mentioned above on the variables and secrets doc page it advises to add the server signature to the file ~/.ssh/known_hosts. 

Looking in to the logs more it looks like the container mounts the directoy 

/opt/atlassian/pipelines/agent/ssh

and then pulls the known hosts file from there. this is a read only dir in the parent container and only contains host keys I have added on the admin page and not in the pipelines itself 

Atlassisan - how can this behaviour be overriden so that when using a custom SSH_KEY variable the correct known hosts file is also loaded? 

@robin this could be because you have not added the host to the known hosts file in your bitbucket pipelines environment.

Check Step 2: Update the known hosts on this page https://support.atlassian.com/bitbucket-cloud/docs/variables-and-secrets/.

Without adding it, the ssh connection will fail because it cannot verify the remote host.

Hi @robin , could you try remove the SSH_KEY parameter and configure SSH keys from the repository settings as described here https://confluence.atlassian.com/bitbucket/use-ssh-keys-in-bitbucket-pipelines-847452940.html ?

P.S. Sorry for such a late reaction, the question fell of our radars for some reason.

I have the same issue: The `SSH_DEPLOY_KEY` is normally correct as it is working for the pipe `atlassian/ssh-run`. So it's a base64 encoding of the key that I added to my repository variables. But in atlassian/scp-deploy:0.3.12 does't work.

Same for us - it's documented as if it should work but it does not. Atlassian, can you confirm if this variable is used by this container?

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events