0

我想在 Github Actions 中运行数据库迁移。数据库在堡垒后面。

我的解决方案是通过堡垒将 Postgres 端口 5432 转发到 db 主机。

我尝试了下面的脚本,但似乎不起作用。

mkdir ~/.ssh
ssh-keyscan -H <bastion_ip>  >> ~/.ssh/known_hosts
echo "${{secrets.BASTION_SSH_KEY}}" >> key
chmod 600 ./key
ssh -T -i ./key -L 5432:<db_host_url>:5432 user@<bastion_ip> &
make migrate
rm ./key

make migrate针对localhost:5432.

当我运行管道时,出现以下错误

Error:  AssertionError [ERR_ASSERTION]: ifError got unwanted exception: connect ECONNREFUSED 127.0.0.1:5432

无论如何要修复它?我对其他方式持开放态度。

4

2 回答 2

1

我认为你的ssh命令不正确,试试这个:

ssh -fN -i ./key -L 5432:<db_host>:5432 user@<bastion_ip>

从手册页:

-f    Requests ssh to go to background just before command execution.
      This is useful if ssh is going to ask for passwords or passphrases,
      but the user wants it in the background.  This implies -n.  The
      recommended way to start X11 programs at a remote site is with
      something like ssh -f host xterm.

和:

-N    Do not execute a remote command.  This is useful for just
      forwarding ports.
于 2021-07-24T11:40:23.090 回答
1

谢谢@larsks,我搞定了。有几件事我必须改变才能让它工作。

  1. 按照@larsks-fN的建议添加
  2. 用于ssh-agent处理密钥

以下是工作代码片段:

mkdir ~/.ssh
ssh-keyscan -H <bastion_ip> >> ~/.ssh/known_hosts
eval `ssh-agent -s`
ssh-add - <<< "${{secrets.BASTION_SSH_KEY}}"
ssh -fN -v -L 5432:<db-host>:5432 user@<bastion_ip>
make migrate
于 2021-07-25T00:13:19.017 回答