Reputation: 37
How do I ssh into a GCP compute engine instance from circleci?
I'm using circleci 2.0 and I'm trying to have circleci enter a gcp instance via ssh and fire off a deployment script with this command
sudo /opt/google-cloud-sdk/bin/gcloud compute ssh instance-1
--command=/home/deploy_staging.sh --zone=us-east1-b
Doing this from my local machine works just fine, but when I try to do it from circleci I get this error:
WARNING: The public SSH key file for gcloud does not exist.
WARNING: The private SSH key file for gcloud does not exist.
WARNING: You do not have an SSH key for gcloud.
WARNING: SSH keygen will be executed to generate a key.
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Too long with no output (exceeded 10m0s)
Obviously it's ssh issues. I read something about putting ssh keys in the instance on gcp, and I have put my local machine's ssh keys there, but that still doesn't work.
Upvotes: 2
Views: 992
Answers (3)
Reputation: 778
You can first activate the service account in a previous step instead:
- run:
name: Activate GCP Service Account
resource_class: medium
command: |
echo $GCP_SERVICE_ACCOUNT_INTEGRATION | gcloud auth activate-service-account --key-file=-
gcloud --quiet config set project ${GCP_PROJECT_ID_INTEGRATION}
Then execute gcloud with `--quiet``
Upvotes: 0
Reputation: 168
gcloud \
--quiet \
--project="${PROJECT}" \
compute ssh "${INSTANCE_NAME}" \
--zone "${ZONE}" \
--strict-host-key-checking=no \
--command "echo works"
--quiet is all you need and it will generate a key if one is not available. I am using this with a service account.
WARNING: The public SSH key file for gcloud does not exist.
WARNING: The private SSH key file for gcloud does not exist.
WARNING: You do not have an SSH key for gcloud.
WARNING: SSH keygen will be executed to generate a key.
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/google_compute_engine.
Your public key has been saved in /root/.ssh/google_compute_engine.pub.
The key fingerprint is:
SHA256:un2aZmExTGVD0KvebEVqAujrlXoAb0u7jO3Z5boCWaA root@581dc589b7fa
The key's randomart image is:
+---[RSA 2048]----+
| .== |
| . .... |
| . . . o . |
|E . o . + . . |
| * .S+ o |
| o * o= o . |
| + =+o.* . |
| +==.=+.= |
| .oO+===+ |
+----[SHA256]-----+
WARNING: Using OS Login user [sa_102839341411404994442] instead of default user [root]
Upvotes: 3
Reputation: 171
According to the official CircleCI documentation, you first need to add the SSH key for the server in the CircleCI application - this can be done on your project’s settings and under the SSH Permissions section.
Upvotes: 1
Related Questions
- setting up global gcp vm
- How can I SSH to my GCP Kubernetes cluster?
- SSH access to GCP VM
- Problems connecting ssh to GCP's compute engine
- Google Compute Engine SSH
- SSH-ing to Google Compute Engine instance through Mac OS X terminal
- How to SSH into compute-engine?
- How to deploy from CircleCI to Google Compute Engine?
- GCE SSH Access to VM Instance
- ssh to my compute engine machine