Comments (9)
mkrakowitzer
commented on July 25, 2024
4
I have worked around it for now with
- uses: webfactory/[email protected]
with:
ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
ssh-auth-sock: /tmp/ssh-auth.sock.${{ github.run_id }}
It not perfect, hopefully, I can make some to address it properly.
from ssh-agent.
mpdude
commented on July 25, 2024
If they are not ephemeral, how can you know what’s still remaining of previous runs? Seems the ssh-agent is still running in the background?
Is that really a feature to have that sort of persistence?
from ssh-agent.
mkrakowitzer
commented on July 25, 2024
sorry I am confused, maybe I chose my words poorly. My understanding of ephemeral is short-lived, so "not ephemeral" is long lived. Local runners are persistent, there is no other way to deploy them.
from ssh-agent.
mpdude
commented on July 25, 2024
Since we don't (currently) have a use case for this ourselves, I cannot promise that we will work on that soon.
But in case anyone wants to take a stab: We'd probably need to perform a "post-run" step like the actions/cache action does here:
https://github.com/actions/cache/blob/e43776276fc1bf0f5f1b462661f341691905b2df/action.yml#L20-L21
In that step, under all circumstances, kill the ssh-agent process. The PID is probably emitted at the the ssh-agent is started, so we'd need to parse it from there, possibly export it to the environment and use it during clean-up to terminate the right process.
Additionally, setting up known_hosts keys should be made idempotent.
from ssh-agent.
kenhuang
commented on July 25, 2024
Yah, facing the same issue host self-host running on mac.
from ssh-agent.
platonicsocrates
commented on July 25, 2024
@mkrakowitzer Yes, this workaround is alright, but will probably end up creating lots of unnecessary ssh-agents.
It not perfect, hopefully, I can make some to address it properly.
Did you ever address it properly? I'm happy to collaborate on this.
from ssh-agent.
mkrakowitzer
commented on July 25, 2024
No, I have not addressed it properly, just workarounds I am afraid. I added the following as a cleanup job
- name: 'cleanup'
if: always()
run: |
rm -f /tmp/ssh-auth.sock.${{ github.run_id }}.${{ github.run_number }}
However the ssh-agent processes are still running and then they also need to be killed as part of the cleanup job.
Main PID: 701145 (code=exited, status=0/SUCCESS)
CGroup: /system.slice/actions.runner.aem-dispatcher.aem-dispatcher-runner-01-16768d0.service
├─785000 ssh-agent -a /tmp/ssh-auth.sock.72521063
├─785591 ssh-agent -a /tmp/ssh-auth.sock.72521063
├─787517 ssh-agent -a /tmp/ssh-auth.sock.72543562
├─788107 ssh-agent -a /tmp/ssh-auth.sock.72553213
├─796939 ssh-agent -a /tmp/ssh-auth.sock.72614220
├─797491 ssh-agent -a /tmp/ssh-auth.sock.72618315
├─798489 ssh-agent -a /tmp/ssh-auth.sock.72630309
├─799057 ssh-agent -a /tmp/ssh-auth.sock.72633548
├─801617 ssh-agent -a /tmp/ssh-auth.sock.72633548
├─803297 ssh-agent -a /tmp/ssh-auth.sock.72663836
├─804815 ssh-agent -a /tmp/ssh-auth.sock.72663836
├─805527 ssh-agent -a /tmp/ssh-auth.sock.72681060.16
├─808625 ssh-agent -a /tmp/ssh-auth.sock.72713404.18
├─808958 ssh-agent -a /tmp/ssh-auth.sock.72715979.19
├─809336 ssh-agent -a /tmp/ssh-auth.sock.72717144.20
├─809571 ssh-agent -a /tmp/ssh-auth.sock.72718146.21
├─810305 ssh-agent -a /tmp/ssh-auth.sock.72718146.21
├─810529 ssh-agent -a /tmp/ssh-auth.sock.72718146.21
├─811279 ssh-agent -a /tmp/ssh-auth.sock.72723208.22
├─812454 ssh-agent -a /tmp/ssh-auth.sock.72730887.23
├─814024 ssh-agent -a /tmp/ssh-auth.sock.72742938.24
├─815957 ssh-agent -a /tmp/ssh-auth.sock.72758744.25
├─817366 ssh-agent -a /tmp/ssh-auth.sock.72775715.26
└─833851 ssh-agent -a /tmp/ssh-auth.sock.72805698.27
from ssh-agent.
platonicsocrates
commented on July 25, 2024
ok thanks for sharing. did you try implementing mpdude's suggestion (exporting to environment and then cleaning up)?
In that step, under all circumstances, kill the ssh-agent process. The PID is probably emitted at the the ssh-agent is started, so we'd need to parse it from there, possibly export it to the environment and use it during clean-up to terminate the right process.
from ssh-agent.
thommyhh
commented on July 25, 2024
@mpdude I ran into the same problem, made the necessary changes and created a PR. Please take at look.
@mkrakowitzer Until this is merged, you can try to use my fork: https://github.com/webcoast-dk/ssh-agent. You can or should use $SSH_AGENT_PID to kill the SSH agent as the last step. See updated README.md
from ssh-agent.
Related Issues (20)
- ERROR: stat "": no such file or directory
- Enable custom github server HOT 1
- Can't get it to work – Permission denied HOT 1
- Update to node20 HOT 2
- Windows workflow fails with "Could not read from remote repository" HOT 5
- `no such identity` on self-hosted Linux Github runner HOT 2
- After update to 0.9.0: The ssh-private-key argument is empty ... HOT 9
- Post cleanup fails HOT 2
- Error: Command failed: ssh-add - HOT 1
- Error: does not match GitHub URL pattern. Not treating it as a GitHub deploy key on version 0.9.0 HOT 6
- changelog out of date HOT 1
- Documentation about how to set up self-hosted runners HOT 4
- When upgrading from 0.7.0 to 0.8.0, functionality breaks HOT 2
- add ssh key for host?
- Is there a way to setup this without having a key specified?
- 'Support for GitHub deploy keys' breaks local CI for repositories which are submodules of other repositories which use ssh-agent with local CI
- The "file" argument must be of type string. Received undefined - in Post job HOT 1
- README needs to be updated (SSH keys should no longer be made in PEM format)
- Host key verification failed on Windows on 0.9.0 HOT 4
- how to use it with ssh keys protected with passwords?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ssh-agent.