Code Studio
Using SSH during a job in the pipeline
With Copilot
Acquia Copilot is a conversational AI connected into our product documentation and knowledge base. Ask Copilot about product features, technical details, troubleshooting and how to get started with Acquia products.
Sign in to use Acquia Copilot
You can use SSH during a specific job in your pipeline.
The following example demonstrates how you can connect to a Cloud Platform environment by using SSH, before the Build Code stage begins.
Before you start using SSH to access an environment, you must:
Click Settings > CI/CD.
CI/CD option is selected from the Settings option
Expand the Variables section and click Add variable.
A list of variables is displayed with the Add Variable button highlighted at the bottom
To add a variable for the SSH private key, do the following:
Code StudioSSH_PRIVATE_KEY.Creating a variable for SSH private key
To add a variable for SSH passphrase, click Add variable and do the following:
SSH_PASSPHRASE.Creating a variable for SSH passphrase
The Variables section displays both the variables.
Variables section with the two newly added variables
After adding the SSH private key and passphrase, you can customize your gitlab-ci.yml file to use the variables and connect by using SSH.
If you created the .gitlab-ci.yml file for the first time, set the CI/CD configuration file to .gitlab-ci.yml by clicking Settings > CI/CD > General pipelines > CI/CD configuration file.
The following is an example .gitlab-ci.yml file that sets the SSH configuration to connect to a Cloud Platform environment.
include:
- project: 'acquia/standard-template'
file:
- '/gitlab-ci/Auto-DevOps.acquia.gitlab-ci.yml'
Build Code:
before_script:
##
## Install ssh-agent if not already installed, it is required by Docker.
##
- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client git -y )'
##
## Run ssh-agent (inside the build environment)
##
- eval $(ssh-agent -s)
##
## Create a shell script that will echo the environment variable SSH_PASSPHRASE
##
- echo 'echo $SSH_PASSPHRASE' > ~/.ssh/tmp && chmod 700 ~/.ssh/tmp
##
## If ssh-add needs a passphrase, it will read the passphrase from the current
## terminal if it was run from a terminal. If ssh-add does not have a terminal
## associated with it but DISPLAY and SSH_ASKPASS are set, it will execute the
## program specified by SSH_ASKPASS and open an X11 window to read the
## passphrase. This is particularly useful when calling ssh-add from a
## .xsession or related script. Setting DISPLAY=None drops the use of X11.
##
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' | DISPLAY=None SSH_ASKPASS=~/.ssh/tmp ssh-add -
##
## Use ssh-keyscan to scan the keys of your private server. Replace gitlab.com
## with your own domain name. You can copy and repeat that command if you have
## more than one server to connect to.
##
- ssh-keyscan <HOST> >> ~/.ssh/known_hosts
- chmod 644 ~/.ssh/known_hosts
##
## You can optionally disable host key checking. Be aware that by adding that
## you are susceptible to man-in-the-middle attacks.
##
- echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
##
## Connect via ssh and do something.
##
- ssh <USER>@<HOST>
## - <do something>In this .gitlab-ci.yml file,
<HOST> with your Cloud Platform host. For example, mysitedev.ssh.prod.acquia-sites.com.<USER>@<HOST> with your Cloud Platform user and host respectively. For example, [email protected].If this content did not answer your questions, try searching or contacting our support team for further assistance.
If this content did not answer your questions, try searching or contacting our support team for further assistance.