With my current Circle CI config, I get this warning prompt (which freezes the job):
The authenticity of host 'github.com (140.82.113.4)' can't be established.
RSA key fingerprint is SHA256:nThbg3kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8.
Are you sure you want to continue connecting (yes/no)?
In order to fix it, I use the following workaround:
- run:
name: Avoid hosts unknown for github
command: mkdir ~/.ssh/ && echo -e "Host github.com\n\tStrictHostKeyChecking no\n" > ~/.ssh/config
Documented here
However I was wondering if any one found a more cleaner solution for this problem.
I’ve already tried the following:
-
GH_TOKEN
environment variable is set up in Circle CI for this project. - Add ssh keys to a job.
Below my Circle CI config:
version: 2
defaults: &defaults
working_directory: ~/repo
docker:
- image: circleci/node:latest
jobs:
test:
<<: *defaults
steps:
- checkout
- restore_cache:
keys:
- v1-dependencies-{{ checksum "package.json" }}
- v1-dependencies-
- run: yarn install
- save_cache:
paths:
- node_modules
key: v1-dependencies-{{ checksum "package.json" }}
- persist_to_workspace:
root: ~/repo
paths: .
- run: yarn test
- run: yarn chromatic test --exit-zero-on-changes
deploy:
<<: *defaults
steps:
- attach_workspace:
at: ~/repo
- run:
name: Avoid hosts unknown for github
command: mkdir ~/.ssh/ && echo -e "Host github.com\n\tStrictHostKeyChecking no\n" > ~/.ssh/config
- run:
name: Install Now CLI
command: sudo npm install --global --unsafe-perm now
- run:
name: Authenticate with registry
command: echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/repo/.npmrc
- run:
name: deploy
command: |
if [ "${CIRCLE_BRANCH}" == "master" ]; then
npm run release && now --token $ZEIT_TOKEN --prod
else
now --token $ZEIT_TOKEN
fi
workflows:
version: 2
test-deploy:
jobs:
- test:
filters:
tags:
only: /^v.*/
- deploy:
requires:
- test
Basically it fails executing the npm run release
script, which requires push permissions to upload the git tags.