From de975d2a0a186d32d731000d3ea7b82ff0c626d0 Mon Sep 17 00:00:00 2001 From: Kolman-Freecss Date: Wed, 16 Oct 2024 01:29:57 +0200 Subject: [PATCH] SSH Connection OK --- .run/Execute_main.run.xml | 27 ++++++++++++++++++++ README.md | 48 ++++++++++++++++++++++++++++++++++++ src/local/docker-compose.yml | 3 +-- src/local/main/services.py | 12 +++++---- 4 files changed, 83 insertions(+), 7 deletions(-) create mode 100644 .run/Execute_main.run.xml diff --git a/.run/Execute_main.run.xml b/.run/Execute_main.run.xml new file mode 100644 index 0000000..3c4012a --- /dev/null +++ b/.run/Execute_main.run.xml @@ -0,0 +1,27 @@ + + + + + \ No newline at end of file diff --git a/README.md b/README.md index 8b3c4a0..7b65dcf 100644 --- a/README.md +++ b/README.md @@ -9,16 +9,19 @@ This tool is used to serve an automated environment in local or cloud platform t - [Local installation](#local-installation) - [Configure Jenkins](#configure-jenkins) - [Configure Environment Variables to execute main.py](#configure-environment-variables-to-execute-mainpy) + - [Configure SSH](#configure-ssh) - [AWS Configuration](#aws-configuration) - [Trigger Terraform pipeline](#trigger-terraform-pipeline) - [Connect to EC2 instance](#connect-to-ec2-instance) - [Configuration](#configuration) - [Dependencies](#dependencies) - [Tech stacks CI/CD](#tech-stacks-ci/cd) +- [Tips](#tips) - [Troubleshoting](#troubleshoting) - [Jenkins](#jenkins) - [Scripts](#scripts) - [AWS](#aws) + - [Settings](#settings) # Systems @@ -56,6 +59,23 @@ JENKINS_PASS= ACCESS_TOKEN= ``` +### Configure SSH + +- Install OpenSSH Server on your local machine. +- Start the service. + +```bash +# Windows +Start-Service sshd +``` + +- (Optional) Try to connect from container to your local machine with SSH. + +```bash +docker exec -it jenkins-git bash +ssh -i /var/jenkins_home/.ssh/id_rsa admin@host.docker.internal -vvv +``` + ## AWS Configuration Implantation of Jenkins automated with Terraform on AWS. 
@@ -175,6 +195,11 @@ docker push kolmanfreecss/jenkins-git - Shellscript - Terraform +# Tips + +- Check Event Viewer on Windows to see if SSH Server is running properly. + - `Applications and Services Logs > OpenSSH > Operational` + # Troubleshoting ## Jenkins @@ -223,6 +248,29 @@ docker push kolmanfreecss/jenkins-git - Remove permissions to other group users or another users because AWS won't let you connect to the EC2 instance if the permissions are too permissive. +## Settings +- Install SSH Server on local machine. + - If you have a Windows Server you can follow Microsoft official documentation to install OpenSSH Server. Or check https://github.com/PowerShell/Win32-OpenSSH/releases + - Also you could use WSL to install OpenSSH Server. + - ```bash + sudo apt-get install openssh-server + ``` + - Configure permissions to the id_rsa file to not be too permissive. + - ```bash + chmod 600 /var/jenkins_home/.ssh/id_rsa + ``` + - Create an authorized_keys file in the .ssh folder with the public key of the local machine. + - ```bash + cat /var/jenkins_home/.ssh/id_rsa.pub >> /var/jenkins_home/.ssh/authorized_keys + ``` + - Create an sshd_config file in the .ssh folder with the following IMPORTANT configurations UNCCOMMENTED.: + - ```bash + Port 22 + AuthorizedKeysFile /var/jenkins_home/.ssh/authorized_keys + PubkeyAuthentication yes + PasswordAuthentication no + ``` + --- Shield: [![CC-BY-NC-ND 4.0][CC-BY-NC-ND-shield]][CC-BY-NC-ND] diff --git a/src/local/docker-compose.yml b/src/local/docker-compose.yml index 54c8e72..4a437c3 100644 --- a/src/local/docker-compose.yml +++ b/src/local/docker-compose.yml 
@@ -5,13 +5,12 @@ services: build: context: . # Path where the Dockerfile is located dockerfile: Dockerfile # Name of the Dockerfile - image: kolmanfreecss/jenkins-git:latest container_name: kf-jenkins user: root privileged: true ports: - "8080:8080" # UI Jenkins - - "50000:50000" # Jenkins agents + - "50001:50000" # Jenkins agents environment: - TINI_SUBREAPER=1 # Register Tini as a subreaper (to not need to use Tini as PID 1) volumes: diff --git a/src/local/main/services.py b/src/local/main/services.py index 709dc84..5360776 100644 --- a/src/local/main/services.py +++ b/src/local/main/services.py @@ -50,13 +50,14 @@ def build_user_credentials() -> any: """ id_value = f"{config_module.config.get(config_module.ConfigKeys.JENKINS_CREDENTIALS_ID)}-user" + description_value = f"Credentials to access GitHub with PAT with {id_value}" credentials = f''' GLOBAL {id_value} {config_module.config.get(config_module.ConfigKeys.JENKINS_USER)} {config_module.config.get(config_module.ConfigKeys.PAT_JENKINS)} - Credentials to access GitHub with PAT + {description_value} ''' return credentials @@ -70,6 +71,7 @@ def build_ssh_credentials(force: bool = False) -> any: private_key = get_ssh(force) id_value = f"{config_module.config.get(config_module.ConfigKeys.AGENT_CREDENTIALS_SSH)}" + description_value = f"SSH Credentials to access GitHub with {id_value}" credentials = f''' GLOBAL @@ -78,10 +80,10 @@ def build_ssh_credentials(force: bool = False) -> any: {private_key} - SSH Credentials to access GitHub + {description_value} ''' - print(f'BUILD SSH CREDENTIALS:: XML Document: {credentials}') + print(f'BUILD SSH CREDENTIALS:: XML Document: ***** ') # {credentials}') return credentials 
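Review bot: The remapped agent port `"50001:50000"` is still published on every host interface, while the context lines show this container running with `user: root` and `privileged: true`. For a local-only setup, binding the published ports to loopback narrows who can reach the controller, e.g. `- "127.0.0.1:50001:50000"` and likewise for 8080. If agents on other machines do need to reach 50001, keep the wider binding and say so in the comment next to the port. The service definition starts and continues outside this hunk.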
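Review bot: The new `description_value` in `build_user_credentials` puts `id_value` into the credentials payload with no escaping, as the surrounding f-string already does for the user name and the PAT. The payload appears to be XML (the later print calls it an "XML Document"), so a config value containing `&` or `<` would yield a malformed or structurally different document. Escaping each interpolated value fixes it, e.g. `description_value = escape(f"Credentials to access GitHub with PAT with {id_value}")` with `from xml.sax.saxutils import escape` in the module imports. The same applies to `description_value` and `{private_key}` in `build_ssh_credentials` in the next two hunks.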
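Review bot: The replacement print in `build_ssh_credentials` keeps a leftover fragment, `# {credentials}')`, after the closing parenthesis, and the string is still an f-string with no placeholders. Dropping the remnant makes it harder to re-enable the dump of the private key by accident: `print('BUILD SSH CREDENTIALS:: XML document built (contents redacted)')`. A comment above it such as `# Never log the credentials XML: it embeds the SSH private key` would record the reason. If output from earlier runs was captured anywhere (CI console, saved terminal logs), the key printed there should be treated as exposed and rotated.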
@@ -120,10 +122,10 @@ def build_credentials(credential_type: CredentialsType, force: bool = False) -> if response.status_code == 200: print('Credentials created successfully') elif not force: - print(f'Error creating credentials status code: {response.status_code}, message: {response.text}, \n retrying with force flag') + print(f'ERROR creating credentials status code: {response.status_code}, message: {response.text}, \n retrying with force flag') build_credentials(credential_type, force=True) else: - print(f'Error creating credentials status code: {response.status_code}, message: {response.text}') + print(f'ERROR creating credentials status code: {response.status_code}, message: {response.text}') def get_ssh(force: bool = False) -> str: """
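Review bot: Both failure branches of `build_credentials` only print, so a caller cannot tell that the credentials were not created; once the forced retry also fails, the function returns normally. Raising in the final `else`, e.g. `raise RuntimeError(f'Creating credentials failed with status {response.status_code}')`, would let the caller stop instead of continuing without credentials. The messages also echo `response.text` in full, which for a Jenkins error may be a whole HTML page; truncating it (`response.text[:500]`) keeps the output readable. The function body starts outside this hunk.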