Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Copy generated SSH public key with ssh-copy-id from pipeline image to remote server

mohessaid
mohessaid July 17, 2021

I created a custom docker image based on Alpine. Moreover, I added a Python script to read secrets from our Vault server and use Rsync to deploy the repository to our servers.

Testing this script in a server or my own workstation was successful. However, When I tried to use it in Bitbucket pipeline it wasn't able to copy the public ssh key (generated from bitbucket ssh tab in pipeline settings). I went through the running image with some command to search for the keys and I find only the private key and no public key. I checked also some pipeline images from this project but still have the same issue. I am using the script from rsync deploy pipeline which looks like this:



#!/bin/bash## Bitbucket Pipelines#

source "$(dirname "$0")/common.sh"

info "Executing the pipe..."

setup_ssh_dir() { 

  INJECTED_SSH_CONFIG_DIR="/opt/atlassian/pipelines/agent/ssh" 

  # The default ssh key with open perms readable by alt uids 

  IDENTITY_FILE="${INJECTED_SSH_CONFIG_DIR}/id_rsa_tmp" 

  # The default known_hosts file 

  KNOWN_HOSTS_FILE="${INJECTED_SSH_CONFIG_DIR}/known_hosts"
  mkdir -p ~/.ssh || debug "adding ssh keys to existing ~/.ssh" 
  touch ~/.ssh/authorized_keys chmod -R 700 ~/.ssh

  if [ ! -f ${IDENTITY_FILE} ]; then 
     error "No default SSH key configured in Pipelines." 
     exit 1 else debug "Using default ssh key" 

     cp ${IDENTITY_FILE} ~/.ssh/pipelines_id 
     chmod 600 ~/.ssh/pipelines_id 
     ssh-keygen -y -f ~/.ssh/pipelines_id > ~/.ssh/pipelines_id.pub 
  fi

  if [ ! -f ${KNOWN_HOSTS_FILE} ]; then 
    error "No SSH known_hosts configured in Pipelines." 
    exit 2 
  fi

  cat ${KNOWN_HOSTS_FILE} >> ~/.ssh/known_hosts 

  if [ -f ~/.ssh/config ]; then 

    debug "Appending to existing ~/.ssh/config file" 

  fi 

  echo "IdentityFile ~/.ssh/pipelines_id" > ~/.ssh/config 
  chmod -R go-rwx ~/.ssh/

}

enable_debug
setup_ssh_dir


The result I am getting when I execute an ssh-copy-id of the copied key:

 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/pipelines_id.pub"
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/pipelines_id.pub"

 Am I doing something wrong and why there is no trace of the public key inside the image when it runs in the pipeline. And what's the right way to copy it on pipeline execution. 

Answer
Watch
Like Be the first to like this
719 views

0 answers

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events