Tags: amazon-web-services, amazon-ec2, ssh, gitlab, continuous-delivery

ssh-keyscan doesn't collect ec2 instance public keys in GitLab job


I work on a GitLab CI/CD pipeline that should deploy Docker containers to an AWS EC2 instance. I'm trying to implement the approach described here, and one of my jobs is failing because ssh-keyscan <ip> doesn't work. My pipeline looks like this:

...
deploy-to-staging:
    image: docker:20.10.14
    stage: deploy to staging
    needs: ["docker-stuff"]
    before_script:
        - 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )'
        - eval $(ssh-agent -s)
        - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
        - mkdir -p ~/.ssh
        - chmod 700 ~/.ssh
        - ssh-keyscan $EC2_IP >> ~/.ssh/known_hosts
        - chmod 644 ~/.ssh/known_hosts
...

It fails at the line - ssh-keyscan $EC2_IP >> ~/.ssh/known_hosts with ERROR: Job failed: exit code 1.

My GitLab variables:

  • SSH_PRIVATE_KEY - EC2 key-pair private key in .pem format
  • EC2_IP - Public IPv4 DNS

I've tried ssh-keyscan <ipv4 DNS or IP> locally and it works. I've also tried it on a separate Ubuntu EC2 instance and it has no output.

Any help would be appreciated.


Solution

  • Solved. I had wrong outbound rules in the AWS security group. I changed the SSH IP to 0.0.0.0/0 and it worked. Hope this will help someone.
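The failing before_script step from the question, reworked as an added example (this is not the asker's pipeline and not code from GitLab or AWS). It assumes the job exports EC2_IP as in the question; the names scan_host_key, validate_known_hosts_line and the optional EC2_HOST_KEY_FINGERPRINT variable are introduced here, and the sample known_hosts line in the comments is constructed.

```shell
#!/bin/sh
# Added example (not the asker's pipeline nor GitLab/AWS code). Assumes the
# job exports EC2_IP (from the question) and, optionally, a pinned
# EC2_HOST_KEY_FINGERPRINT recorded from the instance's console output.

# Return 0 if a line has the "host keytype base64key" shape ssh-keyscan emits,
# e.g. "ec2-1-2-3-4.compute-1.amazonaws.com ssh-ed25519 AAAA..." (constructed).
validate_known_hosts_line() {
    printf '%s\n' "$1" | grep -Eq \
        '^[^ ]+ (ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .*)?$'
}

# Fetch the host key(s) for HOST and append them to KNOWN_HOSTS. Unlike a bare
# "ssh-keyscan $EC2_IP >> ~/.ssh/known_hosts", this fails with a reason when
# the scan returns nothing (the symptom when port 22 is blocked by a security group).
scan_host_key() {
    host=$1
    port=${2:-22}
    known_hosts=${3:-$HOME/.ssh/known_hosts}
    [ -n "$host" ] || { echo "usage: scan_host_key HOST [PORT] [KNOWN_HOSTS]" >&2; return 64; }
    command -v ssh-keyscan >/dev/null 2>&1 || { echo "ssh-keyscan is not installed" >&2; return 69; }

    # -T 5: give up after 5 s per connection; -t: only ask for these key types.
    keys=$(ssh-keyscan -T 5 -p "$port" -t ed25519,rsa "$host" 2>/dev/null || true)
    if [ -z "$keys" ]; then
        echo "no host key received from $host:$port: port $port is unreachable (security group, NACL or firewall) or the host is down" >&2
        return 1
    fi

    # Refuse to write anything that does not look like a host key line.
    printf '%s\n' "$keys" | while IFS= read -r line; do
        validate_known_hosts_line "$line" || { echo "unexpected ssh-keyscan output: $line" >&2; exit 1; }
    done || return 1

    # Optional pin: compare SHA256 fingerprints (ssh-keygen -lf - reads stdin)
    # against the value recorded from the EC2 console output, so the job fails
    # if an unexpected key answers on that address.
    if [ -n "${EC2_HOST_KEY_FINGERPRINT:-}" ]; then
        printf '%s\n' "$keys" | ssh-keygen -lf - | grep -Fq "$EC2_HOST_KEY_FINGERPRINT" || {
            echo "host key fingerprint of $host does not match the pinned value" >&2
            return 1
        }
    fi

    mkdir -p "$(dirname "$known_hosts")"
    chmod 700 "$(dirname "$known_hosts")"
    printf '%s\n' "$keys" >> "$known_hosts"
    chmod 600 "$known_hosts"
}

# In the job's before_script: scan_host_key "$EC2_IP"
# Standalone usage: sh this_script.sh HOST [PORT]
if [ -n "${1:-}" ]; then
    scan_host_key "$1" "${2:-22}"
fi
```

Two things this makes visible that the original one-liner hides. First, when nothing answers on port 22, ssh-keyscan prints nothing to stdout and exits 1, and the `>>` redirection leaves only "exit code 1" in the job log; checking for empty output turns that into a message naming the likely cause, which is the security-group rule the answer ended up fixing. A local ssh-keyscan succeeding says little, because the runner reaches the instance over a different network path. Second, a fresh ssh-keyscan in every job is trust-on-first-use: whatever key answers at that address is accepted. Pinning the fingerprint from the instance's console output closes that gap, and keeping the security-group SSH rule scoped to the runner's egress address rather than 0.0.0.0/0 keeps the exposure of the instance small while the pipeline still works.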