Permission Denied for deploying in GitHub using travis-CI - node.js

I am working on a project which I want to publish in GitHub pages. To automate the deploying process I'm using Travis CI. For this I have created a deploy.sh file, which has the following code.
# build
npm run docs:build
# navigate into the build output directory
cd docs/.vuepress/dist
# if you are deploying to a custom domain
# echo 'www.example.com' > CNAME
git add -A
git commit -m 'deploy'
# if you are deploying to https://<USERNAME>.github.io
# git push -f git#github.com:<USERNAME>/<USERNAME>.github.io.git master
# if you are deploying to https://<USERNAME>.github.io/<REPO>
git push -f git#github.com:<username>/<repo>.git master:gh-pages
cd -
I have added this in my .travis.yml file, which is below
language: nodejs
node_js:
- "lts/*"
before_script:
- npm install
script:
- bash ./scripts/deploy.sh
Now when I push my code to the master, In travis-ci.org it shows that the build is failed, with the following outputs,
Warning: Permanently added the RSA host key for IP address '192.30.253.113' to the list of known hosts.
Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
The command "bash ./scripts/deploy.sh" exited with 128.
I have followed other SO answers of the same type of errors like this link and also followed the way to generate and adding ssh key to my GitHub account but no success. I will be grateful if you could help me out. Thank you.

If you want to push via ssh then travis needs to have access to the private part of the ssh key you generated. What you want to do is use the travis cli gem to encrypt the private key, add it to your repo and during the deploy stage decrypt it again and use it.
Here's a step-by-step

Related

git clone from internal gitlab repository doesn't work unless I'm running as root

I'm trying to clone an internal gitlab repository, but it keeps giving me this error message
fatal: unable to access 'https://gitlab**************.git/': gnutls_handshake() failed: Error in the pull function.
But somehow, if I'm running as root, the cloning process would run perfectly.
The problem is, I needed this to work because I'm trying to use this repository on Jenkins.
Can someone help me or explain why it only worked if I'm running as root?
root uses the same version of git and curl.
But it does not use the same:
global git config: compare the output of git config --global -l in both instances (root and regular user account).
environment configuration (type env in both cases, and compare the environment variables)
In particular, look for sslcainfo (git config --global -l|grep -i ssl) which could reference the certificate needed to contact through TLS your on-premise HTTPS GitLab URL.

How to solve the problem Host key verification failed

I created a .gitlab-ci.yml file.
the project is already in the remote server.
I created gitlab-runner in my remote server and I chose the shell option.
my file .gitlab-ci.yml just makes the update for the project i.e. (we will do "git pull origin master"
and here is my .gitlab-ci.yml script
stages:
- build
before_script:
- cd/home/devops/projects/my-project
building:
stage: build
script:
- git status
- sudo git pull origin master
when I run the pipeline i get this error.
$git pull origin master.
Host key verification failed.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists. "
please how could we solve this problem?
I'm really stuck with this problem
thank you so much
It seems like an issue with your ssh keys between the gitlab-runner host and gitlab. This topic might answer your question:
Git-error-host-key-verification-failed-when-connecting-to-remote-repository
Basically, log in your gitlab-runner host and check ${HOME}/.ssh/known_hosts. You should see the current public key from your gitlab host. If not, you will need to remove it and update it.

gitlab-runner using directory path instead of URL to clone; fails with "does not appear to be a git repository"

I am trying to run my GitLab CI tests locally, to speed up developing CI.
I installed gitlab-runner locally (on my GNU/Linux box) following these instructions.
Now, when I run sudo gitlab-runner exec docker test, I get:
sudo gitlab-runner exec docker test
Runtime platform arch=amd64 os=linux pid=7133 revision=0e5417a3 version=12.0.1
Running with gitlab-runner 12.0.1 (0e5417a3)
Using Docker executor with image joyzoursky/python-chromedriver:2.7 ...
Pulling docker image joyzoursky/python-chromedriver:2.7 ...
Using docker image sha256:f593ebe67d0c75eb8e3d663412c8fc80df70bd08e835d7a64ba6afa21b1c2d8a for joyzoursky/python-chromedriver:2.7 ...
Running on runner--project-0-concurrent-0 via hostname...
Fetching changes...
Initialized empty Git repository in /builds/project-0/.git/
Created fresh repository.
fatal: '/home/USER/path/to/repo' does not appear to be a git repository
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
ERROR: Job failed: exit code 1
FATAL: exit code 1
(/home/USER/path/to/repo is the actual path to my working directory containing .gitlab-ci.yml, and my project code)
So, it looks like gitlab-runner is trying to use the directory path as a git clone URL, which obviously won't work.
I tried specifying --clone-url=, but I can't understand what part of the full project URL (either in the main git repo, or the gitlab mirror) I should be using.
Any clues?
If you are on Fedora and have SELinux enabled; try setting that to permissive:
sudo setenforce 0
SELinux blocks any activity that isn't allowed by some existing policy. The GitLab runner is basically a docker container trying to access files on the host machine, so that gets blocked...which leads the runner to report that you don't have a valid repository at (an error saying it can't read the files would have made more sense but we don't live in a perfect world)
The lazy fix is to make SELinux blanket permit the activity, if you don't do this sort of thing often enough to warrant a policy change for example.
The more security conscious will prefer to edit the policy instead. Figure out some unique identifier in the denial error, then create a new policy to allow it
sudo grep <needle> /var/log/audit/audit.log | audit2allow -M gitlab
sudo semodule -i gitlab.pp

Git remote pull using GitHub deployment keys - Permission Denied

I have done the following steps to setup ssh deployment keys with our git repo for it to be able to git pull without a username and password:
Note: I am on AWS EC2 / Ubuntu 14.04.3
Run ssh-keygen -t rsa -b 4096 -C "ownersEmail#gmail.com" these are then saved as id_rsa and id_rsa.pub in ~/.ssh/
The deployment public key (id_rsa.pub) is added on the GitHub online UI in the deployment keys section
The directory is already cloned in /var/www/ directory, this is working all good via HTTPS for pulling
Try sudo git pull git#github.com:ownersUsername/OurRepo.git and get the following error
Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Another Note: This repository is private under another users account.
Also, when I try ssh git#github.com I get:
Hi userName/Repo! You've successfully authenticated, but GitHub does not provide shell access.
Connection to github.com closed.
And the deployment key comes up as being used. Have been on this issue for greater than 4 hours now and any would would be very much appreciated, thanks.
The problem is you're using sudo, which runs the command as root, and it will try to use the root's keys not your user's keys.
What you want to do is:
give your user/group write access to /var/www
run the pull/clone as the user, not the root user.
When you do a git pull you don't need the link.
git pull <remote> <branch>
You need the full url for the clone command
sudo git clone git#github.com:ownersUsername/OurRepo.git
To test if your ssh key is good use this:
git fetch --all --prune

Dummy questions about setting up git on amazon cloud ec2

first of all, apologize for dummy questions that I might throw here. It would be nice if you could point the directions where should I go from here.
I'm totally new to version control(as well as git) and cloud system. However, it came to the point that I have to develop php web based application on AWS EC2 instance and make codes contributable for future developers.
I did successfully create EC2 instance that run PHP/MySQL and map the domain with Elastic IP. So the website is now publicly accessible via port 80.
I also installed git using $sudo yum install git and configed user.name and user.email
I then, go to root folder of the website (e.g. public_html) and run ‘git init’ which create the fold “.git” and I then add file using “git add .” and commit “git commit -m ‘initial upload’”
Is that the right way to go? Would it be ok to have the project folder sitting on /public_html (where accessible from anyone).
If above is ok, then where should I go from here?
I would like to have git server running on EC2 that allow developers to connect from their local machines (e.g. Eclipse) while being able to keep the backup and compare the different between codes.
What detail do I suppose to give developers so that they can connect to git server and working on project?
I quick direction or few keywords to do more research would help.
look here for more information on setting up git on amazon ec2
to allow developers to use you git, you just need to give them the git server url.
Direct quote from the site i'm linking to.
"First and foremost, you need to add your EC2 identity to the ssh
authentication agent. This prevents problems with git later, namely
getting the error “Permission denied (publickey).” when trying to do a
git push to the EC2 repository.
ssh-add path/to/privateEC2key.pem
Now you can go ahead and create the git repository on the EC2
instance.
ssh username#hostname.com
mkdir the_project.git
cd the_project.git
git init --bare
So not much going on here, all we do is create an empty repository and
then leave. Now, on the local machine, you do something like the
following:
cd the_project
git init
git add .
git commit -m "Initial git commit message"
git remote add origin username#hostname.com:the_project.git
git config --global remote.origin.receivepack "git receive-pack"
git push origin master
The ‘git config’ command is a fix that I found necessary to be able to
push to the EC2 repository."
The mentioned link by Alex gives a good starting point to setup git on ec2. But I followed a little different approach as mentioned here. link. Direct Quotes from the page:
"Connecting with SSH without a PEM key" : So either you add the ec2 private key and add it as a entity in your ssh authentication agent or create a new ssh key for your user and use that. Steps to be followed are:
Create SSH Key
First up you will need to navigate to your .ssh folder on your local machine :
cd
cd .ssh
if this folder doesn’t exist use mkdir to make it.
Once in your ssh folder on your local machine which should be in /Users/yourusername/.ssh generate your key by executing the following.
ssh-keygen -t rsa -b 1024
When prompted enter the file name to save the key enter id_rsa_aws, when prompted to enter a password leave blank.
In your .ssh directory execute the following command and copy the output to paste later.
cat id_rsa_aws.pub
Now connect to you AWS instance using you PEM key
ssh -i path/to/yourkeyname.pem ubuntu#xx.xxx.xxx.xxx
Once in
echo 'the key you copied from id_rsa_aws.pub' >> .ssh/authorized_keys
chmod 640 .ssh/authorized_keys
chmod 750 .ssh
Now you go to your machine and type
cd desired directory
git clone ubuntu#xx.xxx.xxx.xxx:<path_to_your_just_created_git_server>
If you did all the above mentioned steps correct, the only warning you might get is
warning: You appear to have cloned an empty repository.
That's ok. Now you can copy all your code into the clone directory, and follow the following steps:
git add .
git commit -m "Initial commit"
git push origin master // If working on master branch
i created a GitHub gist with all the details hope it helps
https://gist.github.com/eslam-mahmoud/35777e4382599438023abefc9786a382
//add your EC2 .pem file to ssh kys
ssh-add ~/aws/mypemfile.pem
//create bare repo on AWS EC2 webserver and deploy on demand
mkdir ~/git/the_project
cd ~/git/the_project
git init --bare
//create local repo and track remote one
cd ~/git/the_project
git init
git add .
git commit -m "Initial git commit message"
git remote add aws ubuntu#1.1.1.1:~/git/the_project
git config --global remote.origin.receivepack "git receive-pack"
git push aws master
//create tag
git tag -a v0.1 -m "my version 0.1"
//push tags
git push aws --tags
//Or you have one so you push your updates
git remote add aws ubuntu#1.1.1.1:~/git/the_project
git config --global remote.origin.receivepack "git receive-pack"
git push aws master
//create tag
git tag -a v0.1 -m "my version 0.1"
//push tags
git push aws --tags
//on server create another local repo that track the bare one to deploy
git clone ~/git/the_project
cd ./the_project
//checkout tag
git checkout v0.1
//install clear cache ...
npm install

Resources