Friday, December 31, 2021

[FIXED] How do I log into a Gitlab CI container?

Issue

I need to install via composer a private package from the corporate namespace in Gitlab CI.

Dependency in composer.json.

    "repositories": [
        {
            "type": "git",
            "url": "git@gitlab.com:namespace/package.git"
        }
    ],
    "require": {
        "namespace/package": "dev-master",
     }

In .gitlab.ci.yml

image: registry.gitlab.com/namespace/project:1.0.0

stages:
    - deploy

.setup_ssh: &setup_ssh
    - 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client zip unzip -y )'
    - eval $(ssh-agent -s)
    - mkdir -p ~/.ssh
    - chmod 700 ~/.ssh
    - echo "$SSH_PUBLIC_KEY" > ~/.ssh/id_rsa.pub
    - echo "$SSH_PRIVATE_KEY" | base64 -d > ~/.ssh/id_rsa
    - ssh-keyscan gitlab.com >> ~/.ssh/known_hosts
    - ssh-keyscan $DEV_HOST >> ~/.ssh/known_hosts
    - chmod 600 ~/.ssh/id_rsa
    - chmod 600 ~/.ssh/id_rsa.pub
    - chmod 644 ~/.ssh/known_hosts
    - ssh-add ~/.ssh/id_rsa

.setup_composer: &setup_composer
    - composer i -n

deploy to dev:
    stage: deploy
    script:
        - *setup_ssh
        - *setup_composer

Installing composer i -n crashes on a private package.

Cloning into bare repository '/root/.composer/cache/vcs/git-gitlab.com-namespace-package.git'... remote: remote: ======================================================================== remote: remote: The project you were looking for could not be found or you don't have permission to view it. remote: remote: ======================================================================== remote: fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.

I tried running the container locally and installing the composer dependencies inside the container interactively.

- Syncing namespace/package (dev-master fa27046) into cache Cloning failed, enter your GitLab credentials to access private repos A token will be created and stored in "/root/.composer/auth.json", your password will never be stored To revoke access to this token you can visit https://gitlab.com/-/profile/personal_access_tokens

I have 2FA configured. For the test, I created a token and tried to log in.

composer config --global gitlab-token.gitlab.com [token]

After that, everything worked. But the problem is that this is my personal token.

How do I log into a Gitlab CI container?


Solution

Found a solution and it's very simple!

To deploy the main project to the server, I added the public key Deploy keys in the settings.

So, it was necessary to enable this key in the settings of EACH private repository, which is in the composer.json dependencies.

Private package Repo > Settings > Repository > Deploy Keys > Privately accessible deploy keys > Enable (key from main project)

For example

https://docs.gitlab.com/ee/user/project/deploy_keys/#how-to-enable-deploy-keys



Answered By - Paul
at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.