package.json中带有私有git repo的Google App Engine部署-电脑我帮您

package.json中带有私有git repo的Google App Engine部署

我对package.json中的私有Bitbucket存储库有依赖性

{
   "my-dependency": "git+ssh://[email protected]/something/my-dependency.git"
}

我按照[1]和[2]中的说明进行了操作，并创建了一个用kms加密的SSH密钥。

我创建了一个自定义cloudbuild.yaml，如下所示：

# Decrypt the file containing the key
steps:
  - name: 'gcr.io/cloud-builders/gcloud'
    args:
      - kms
      - decrypt
      - --ciphertext-file=bitbucket_rsa.enc
      - --plaintext-file=/root/.ssh/id_rsa
      - --location=global
      - --keyring=default
      - --key=bitbucket-key
    volumes:
      - name: 'ssh'
        path: /root/.ssh

  # Set up git with key and domain
  - name: 'gcr.io/cloud-builders/git'
    entrypoint: 'bash'
    args:
      - '-c'
      - |
        chmod 600 /root/.ssh/id_rsa
        cat <<EOF >/root/.ssh/config
        Hostname bitbucket
        IdentityFile /root/.ssh/id_rsa
        EOF
        mv known_hosts /root/.ssh/known_hosts
    volumes:
      - name: 'ssh'
        path: /root/.ssh

  # Install
  - name: 'gcr.io/cloud-builders/yarn'
    args: ['install']
    volumes:
      - name: 'ssh'
        path: /root/.ssh

  # Build
  - name: "gcr.io/cloud-builders/yarn"
    args: ["build"]
    volumes:
      - name: 'ssh'
        path: /root/.ssh

  # Deploy
  - name: "gcr.io/cloud-builders/gcloud"
    args: ["app", "deploy", "my-service.yaml"]
    volumes:
      - name: 'ssh'
        path: /root/.ssh

[当我通过gcloud builds submit --config=cloudbuild.yaml运行它时，步骤＃0至＃3运行正常，但是步骤＃4失败，因为app deploy触发了另一个yarn install，该用户无法访问步骤＃0和＃中定义的SSH密钥1：

Step #4: INFO     rm_node_modules took 0 seconds
Step #4: INFO     starting: yarn_install
Step #4: INFO     yarn_install yarn install
Step #4: INFO     `yarn_install` stdout:
Step #4: yarn install v1.9.4
Step #4: [1/5] Validating package.json...
Step #4: [2/5] Resolving packages...
Step #4: [3/5] Fetching packages...
Step #4: info Visit  for     documentation about this command.
Step #4:
Step #4: INFO     `yarn_install` had stderr output:
Step #4: error Command failed.
Step #4: Exit code: 128
Step #4: Command: git
Step #4: Arguments: ls-remote --tags --heads     ssh://[email protected]/something/my-dependency.git
Step #4: Directory: /workspace
Step #4: Output:
Step #4: Host key verification failed.
Step #4: fatal: Could not read from remote repository.
Step #4:
Step #4: Please make sure you have the correct access rights
Step #4: and the repository exists.
Step #4:
Step #4: ERROR    error: `yarn_install` returned code: 1
Step #4: INFO     yarn_install took 11 seconds
Step #4: INFO     build process for FTL image took 11 seconds
Step #4: INFO     full build took 11 seconds
Step #4: ERROR    `yarn_install` had stderr output:
Step #4: error Command failed.

谢谢您的帮助！

参考文献：

[1]

[2] Link private repository in packages.json in app deployed to gcloud

回答如下：

[每当出现Host Key verification failed错误时，它很可能与您的known_hosts文件有关，这意味着bitbucket的主机密钥不在您的known_hosts文件中，因此客户端无法验证它。尝试先运行ssh-keyscan -t rsa bitbucket > known_hosts，然后再运行cat known_hosts，然后查看bitbucket主机密钥是否存在。

如果答案为否，并且输出为空，则可能是网络问题干扰了该过程。请遵循此thread中接受的答案进行故障排除。

如果答案是肯定的，那么完美的只有一个步骤，那就是将您的SSH密钥配置到Bitbucket中。转到“ Bitbucket设置”下的bitbucket，然后在选项之一中单击“ SSH密钥”。添加一个密钥（将其标记为您决定的名称），然后将通过运行cat〜/ .ssh / id_rsa.pub获得的输出粘贴到密钥部分。

基本上，在您linked的一个线程中，我正在将私有存储库克隆到与应用程序根目录相同的文件夹中。这样，在package.json中，我可以简单地添加此行dependencies: {“circular-structure-stringify”: “./circular-structure-stringify”}，这将使我可以像任何npm软件包一样将其require()。

我意识到我应该保持Github链接的打开状态，但尽管如此，我正在研究另一个示例，我将在稍后的评论部分中发布该示例。同时，让我知道结果。