全部,
我想在提交后钩子结束时调用一个 bash 脚本(来做一些 rsync 魔法)。
以下是我的提交后钩子的样子:
#!/bin/bash
REPOS="$1"
REV="$2"
SVNLOOK="/usr/bin/svnlook"
AWK="/usr/bin/awk"
temp_dir="/var/www/vhosts/domain.com/temp"$(date +"%s") # to avoid conflict, append unix timestamp
webroot_dev="/var/www/vhosts/domain.com/dev.project.com"
webroot_alpha="/var/www/vhosts/domain.com/alpha.project.com"
webroot_beta="/var/www/vhosts/domain.com/beta.project.com"
webroot_live="/var/www/vhosts/domain.com/project.com"
repo_dev="file:///var/svn/Echo/branches/Dev"
repo_alpha="file:///var/svn/Echo/trunk"
repo_beta="file:///var/svn/Echo/branches/Beta"
repo_live="file:///var/svn/Echo/branches/Live"
is_dev=`$SVNLOOK dirs-changed -r "$REV" "$REPOS" | grep -c "Dev"`
is_alpha=`$SVNLOOK dirs-changed -r "$REV" "$REPOS" | grep -c "trunk"`
is_beta=`$SVNLOOK dirs-changed -r "$REV" "$REPOS" | grep -c "Beta"`
is_live=`$SVNLOOK dirs-changed -r "$REV" "$REPOS" | grep -c "Live"`
# Export from svn to web root; save previous version in ???.project.com.bkp
if [ $is_dev -gt 0 ]; then
rev="$SVNLOOK youngest $repo_dev";
svn export "$repo_dev" "$temp_dir" --force
rm -rf "${webroot_dev}.bkp"
mv -f "${webroot_dev}/" "${webroot_dev}.bkp"
mv -f "$temp_dir" "$webroot_dev"
date +%s > "${webroot_dev}/public/ex/config/version.txt"
cp "/usr/local/bin/scripts/releases/override.dev.ini" "${webroot_dev}/public/ex/config/ini/override.ini"
chown -R apache:apache "$webroot_dev"
chown -R apache:apache "${webroot_dev}.bkp"
cp -p -R "${webroot_dev}.bkp/public/uploads/avatars" "${webroot_dev}/public/uploads"
sh /var/svn/Echo/hooks/testing.sh # -- THIS IS WHAT FAILS
elif [ $is_alpha -gt 0 ]; then
svn export "$repo_alpha" "$temp_dir" --force
rm -rf "${webroot_alpha}.bkp"
mv -f "${webroot_alpha}/" "${webroot_alpha}.bkp"
mv -f "$temp_dir" "$webroot_alpha"
date +%s > "${webroot_alpha}/public/ex/config/version.txt"
chown -R apache:apache "$webroot_alpha"
chown -R apache:apache "${webroot_alpha}.bkp"
cp -p -R "${webroot_alpha}.bkp/public/uploads/avatars" "${webroot_alpha}/public/uploads"
elif [ $is_beta -gt 0 ]; then
:
elif [ $is_live -gt 0 ]; then
:
fi
我尝试调用的脚本是“testing.sh”,其代码如下:
#!/bin/bash
rsync -rtvu --cvs-exclude --delete /var/www/vhosts/domain.com/dev.project.com/ -e "ssh -i /var/svn/Project/hooks/testing.pem" ec2-user@ipaddress:/home/ec2-user/testing/
我收到的错误如下:
提交后挂钩失败(退出代码 255),输出:主机密钥验证失败。rsync:连接意外关闭(迄今为止收到 0 个字节)[发送方] rsync 错误:io.c(463) 处无法解释的错误(代码 255)[发送方=2.6.8]
更新:如果我从同一位置手动执行 testing.sh,则一切正常。仅当通过提交后挂钩执行 bash 脚本时才会报告主机密钥错误。
答案1
在 ssh 身份验证期间,可能会提示您将主机添加到 known_hosts 文件中?
您可以通过添加命令行选项来禁用此功能:
-o StrictHostKeyChecking=no
ssh 手册页摘录:
ssh automatically maintains and checks a database containing identification for all hosts it has ever been used with. Host keys are stored in ~/.ssh/known_hosts in the user’s
home directory. Additionally, the file /etc/ssh/ssh_known_hosts is automatically checked for known hosts. Any new hosts are automatically added to the user’s file. If a host’s
identification ever changes, ssh warns about this and disables password authentication to prevent server spoofing or man-in-the-middle attacks, which could otherwise be used to
circumvent the encryption. The StrictHostKeyChecking option can be used to control logins to machines whose host key is not known or has changed.