Commit afe1dc42 authored by Paul McCarthy's avatar Paul McCarthy 🚵
Browse files

CI: Use ssh-keyscan instead of injecting known hosts

parent 6bfee4e7
......@@ -31,8 +31,6 @@ if [[ -f /.dockerenv ]]; then
if [[ "$CI_PROJECT_PATH" == "$UPSTREAM_PROJECT" ]]; then
echo "$SSH_PRIVATE_KEY_DOC_DEPLOY" > $HOME/.ssh/id_doc_deploy;
echo "$SSH_PRIVATE_KEY_CONDA_DEPLOY" > $HOME/.ssh/id_conda_deploy;
echo "$SSH_PRIVATE_KEY_CONDA_INDEX" > $HOME/.ssh/id_conda_index;
fi;
chmod go-rwx $HOME/.ssh/id_*;
......@@ -41,10 +39,10 @@ if [[ -f /.dockerenv ]]; then
if [[ "$CI_PROJECT_PATH" == "$UPSTREAM_PROJECT" ]]; then
ssh-add $HOME/.ssh/id_doc_deploy;
ssh-add $HOME/.ssh/id_conda_deploy;
fi
echo "$SSH_SERVER_HOSTKEYS" > $HOME/.ssh/known_hosts;
ssh-keyscan ${UPSTREAM_URL##*@} >> $HOME/.ssh/known_hosts;
ssh-keyscan ${DOC_HOST##*@} >> $HOME/.ssh/known_hosts;
touch $HOME/.ssh/config;
......@@ -57,16 +55,6 @@ if [[ -f /.dockerenv ]]; then
echo " User ${DOC_HOST%@*}" >> $HOME/.ssh/config;
echo " IdentityFile $HOME/.ssh/id_doc_deploy" >> $HOME/.ssh/config;
echo "Host condadeploy" >> $HOME/.ssh/config;
echo " HostName ${CONDA_HOST##*@}" >> $HOME/.ssh/config;
echo " User ${CONDA_HOST%@*}" >> $HOME/.ssh/config;
echo " IdentityFile $HOME/.ssh/id_conda_deploy" >> $HOME/.ssh/config;
echo "Host condaindex" >> $HOME/.ssh/config;
echo " HostName ${CONDA_HOST##*@}" >> $HOME/.ssh/config;
echo " User ${CONDA_HOST%@*}" >> $HOME/.ssh/config;
echo " IdentityFile $HOME/.ssh/id_conda_index" >> $HOME/.ssh/config;
echo "Host *" >> $HOME/.ssh/config;
echo " IdentitiesOnly yes" >> $HOME/.ssh/config;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment