capistrano: execute without ssh when server is localhost - deployment

I am using capistrano with multistage extension to deploy easily on staging and production servers.
I implemented a lot of tasks, doing setup stuff on the servers. For the different stages I have files like deploy/staging.rb or deploy/production.rb with only some hostname and username changes.
When I create a stage "localhost" with this setting:
set :server, "localhost"
everything is correctly executed on my local computer. But it is executed with ssh. I have colleagues, not running a ssh server on their computer. So the question is:
How do I tell capistrano to do all command executions invoked by run or capture without ssh? I do not want to implement every task a second time with run_locally.

Related

How do I SSH from a Docker container to a remote server

I am building a docker image off postgres image, and I would like to seed it with some data.
I am following the initialization-scripts section of the documentation.
But the problem I am facing now, is that my initialisation scripts needs to ssh to a remote database and dumb data from there. Basically something like this:
ssh remote.host "pg_dump -U user -d somedb" > some.sql
but this fails with the error that ssh: command not found
Question now is, in general, how do I ssh from a docker container to a remote server. In this case, specifically how do I ssh from a docker container to a remote database server as part of the initialisation step of seeding a postgres database?
As a general rule you don't do things this way. Typical Docker images contain only the server they're running and some core tools, but network clients like ssh or curl generally aren't part of this. In the particular case of ssh, securely managing the credentials required is also tricky (not impossible, but not obvious).
In your particular case, I might rearrange things so that your scripts didn't have the hard assumption the database was running locally. Provision an empty database container, then run your script from the host targeting that empty database. It may even work to set the PGHOST and PGPORT environment variables to point to your host machine's host name and the port you publish the database interface on, and then run that script unmodified.
Looking closer at that specific command, you also may find it better to set up a cron job to run that specific database dump and put the contents somewhere. Then a developer can get a snapshot of the data without having to make a connection to the live database server, and you can limit the number of people who will have access. Once you have this dump file, you can use the /docker-entrypoint-initdb.d mechanism to cause it to be loaded at first startup time.

Jenkins and PowerShell

I have a linux machine with Jenkins installed on it. It executes variety of different jobs on other linux machines.
Now - I would like to connect to a Windows machine and execute a PS script. Is it possible to do that from the Linux Jenkins by installing PS plugin (note that I do not want to execute a PS script on a local linux machine but execute all that on remote hosts)? If not, what is the proper way of doing that?
Yes you can run jobs on slave windows machine with Linux master.
Add windows machine as a new node(slave), give it a distinct label. The following link can help you in adding new slaves (https://wiki.jenkins-ci.org/display/JENKINS/Step+by+step+guide+to+set+up+master+and+slave+machines)
Go to job where you want to run PS script on windows machine and check the option "Restrict where this project can be run". Enter name of your windows machine label here.
To execute all jobs on remote machines, you can give all of them a separate label and use the step 2 to only use them for your jobs.
To execute job on local host you can enter "master" in the restrict run editbox.

Execute remote PowerShell script from VSOnline fails - Access Denied

I am facing a very strange issue trying to run a Remote PowerShell script from the new build system of Visual Studio Online.
Context:
I have a Build server that I host on my own VM. I have also created a second VM where I want the PowerShell script to be run on.
When I run a build from the Build server, I want to create a task that run a PowerShell script on a remote machine. Sounds easy.
Both machines have everything configured to run the Remote PowerShell. (I think)
Problem:
If I manually run the script from the build server, the script is properly executed on my remote machine.
But, if I run the script by starting a new build, it doesn't work, I always get an error message
New-PSSession : [xxx.cloudapp.net] Connecting to remote server xxx.cloudapp.net failed with the following error message : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic.
Have you faced this issue before with VSOnline?
This can happen if there isn't a trust relationship between the remote machine and the build machine. E.g. you could look at the hosts.equiv file on the remote machine and make sure it trusts the build machine.
If that doesn't help then more info might be needed, like how you're trying to sign in, what build agent account you're running as.
Guy

capistrano insisting on password

First, my teammate is successfully deploying on almost exactly the same setup and using the exact same config as me re deploy. Therefore, cannot be a deploy configuration issue, there is nothing local or unique to any of our machines.
Second, I can successfully login via my machine using ssh user#server.com without password prompt.
However, I have tried everything to stop capistrano asking this question:
--recursive; fi"
servers: ["myserver.com"]
Password:
* [deploy:update_code] rolling back
I have tried every single password I have, and not entering a password. I don't even know what this password is for. Is it SSH? Because I don't even have a password protected key file.
I'm totally lost and I've literally been debugging this for 5 hours now without a single change in status. I'd really appreciate some help on how I can find out what the problem is.
Note, cap deploy simply works for my teammate using same config, same server. Everything, except different key file (note mine works and tested via ssh command).
Do you have to specify user#server.com to SSH to your server successfully (i.e., do you have a different username on your remote server from your local machine)?
You might just need to tell Capistrano what username it should be using to connect with by adding it to your deploy.rb:
set :user, "your-username"
You could also change the default username SSH will pick for that server by using ~/.ssh/config:
Host your.server.name
User your-username

Problems using teamcity command line to perform ssh remote login

I was wondering if anyone has tried using teamcity's command line builder to perform ssh remote login.
Right now, I would like to automate some testing on a QNX neutrino OS which is currently unsupported by teamcity. As a work around, I setup a ssh server on the target qnx machine so i could ssh and sftp the executables in.
Firstly, the source are compiled on Windows XP using qnx's compiler (based on g++). Followed by sftp-ing the executables into qnx neutrino.
Next, using ssh, script the login to remotely start the test apps and send the results back to the remote agent for publishing.
The batch script I created works well standalone, however, after hooking it up on the remote agent, it fails to login ssh and hangs indefinitely at the following command:
ssh -l "./.sh"
Notes:
I have added the remote agent's RSA public key in the QNX .ssh/authorized keys file, automatic login is working.
Is there a need to add the teamcity server's RSA public key in too?
Anyone has any idea on this problem?
I had a few weird problems with key-based SSH logins on QNX related to file permissions for the keys in .ssh. and permissions of parent folders (/home/username and /root).
Add
LogLevel DEBUG3
to /etc/openssh/sshd_config, make sure syslog is configured and is logging sshd output, restart sshd and try again - it will most likely complain about something.
Also, ssh -l "./.sh" makes no sense - -l is used to specify the user name, something is off there.