You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/guides/modules/integration/pages/add-ssh-key.adoc
+44-4Lines changed: 44 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -18,7 +18,7 @@ See the following VCS-specific docs for additional details on creating SSH keys:
18
18
****
19
19
20
20
[#steps-to-add-additional-ssh-keys]
21
-
== 1. Add an additional SSH key to your project
21
+
== Add an additional SSH key to your project
22
22
23
23
CircleCI cannot decrypt SSH keys, therefore every new key must have an empty passphrase. The below examples are for macOS.
24
24
@@ -35,7 +35,7 @@ If you have a GitLab integration, you will find that an additional SSH key alrea
35
35
. Select *Add SSH Key*.
36
36
37
37
[#add-ssh-keys-to-a-job]
38
-
== 2. Add SSH keys to a job
38
+
== Add SSH keys to a job
39
39
40
40
Even though all CircleCI jobs use `ssh-agent` to automatically sign all added SSH keys, you *must* use the `add_ssh_keys` key to actually add keys to a container.
41
41
@@ -63,9 +63,49 @@ All fingerprints in the `fingerprints` list must correspond to keys that have be
63
63
To checkout additional repositories from within your job, ensure that you run the `checkout` command *before*`add_ssh_keys`; otherwise, `CIRCLE_CI_REPOSITORY_URL` will be empty. Also ensure that the private key is added to the CircleCI project and that the public key has been added to the additional repositories that you want to checkout from within your job.
64
64
65
65
[#adding-multiple-keys-with-blank-hostnames]
66
-
== Adding multiple keys with blank hostnames
66
+
=== Adding multiple keys with blank hostnames
67
67
68
-
If you need to add multiple SSH keys with blank hostnames to your project, you will need to make some changes to the default SSH configuration provided by CircleCI. In the scenario where you have multiple SSH keys that have access to the same hosts, but are for different purposes the default `IdentitiesOnly no` is set causing connections to use `ssh-agent`. This will always cause the first key to be used, even if that is the incorrect key. If you have added the SSH key to a container, you will need to either set `IdentitiesOnly no` in the appropriate block, or you can remove all keys from the `ssh-agent` for this job using `ssh-add -D`, and reading the key added with `ssh-add /path/to/key`.
68
+
If you add multiple SSH keys with blank hostnames to your project, you will need to make some changes to the default SSH configuration provided by CircleCI.
69
+
70
+
If you have multiple SSH keys for different purposes that have access to the same hosts, the default `IdentitiesOnly no` is set, which causes connections to use `ssh-agent`.
71
+
72
+
In this scenario the first key is used regardless of whether it is the correct key. If you have added the SSH key to a container, you will need to either set `IdentitiesOnly yes` in the appropriate block, or you can remove all keys from the `ssh-agent` for the job using `ssh-add -D` and read the added key using `ssh-add /path/to/key`.
73
+
74
+
[#using-specific-ssh-keys-for-a-job]
75
+
=== Using specific SSH keys for a job
76
+
77
+
[NOTE]
78
+
====
79
+
SSH keys are named using MD5 fingerprints with colons removed from the hash.
80
+
81
+
To retrieve the MD5 fingerprint of an SSH key, run this command locally:
The CircleCI CLI is used for some advanced features during job runs, for example xref:optimize:use-the-circleci-cli-to-split-tests.adoc[test splitting] for build time optimization.
332
332
333
+
[#runner-management]
334
+
== Runner management
335
+
336
+
You can operate on your self-hosted runners using the CLI.
337
+
338
+
=== List runner instances
339
+
340
+
Use the `runner instance list` sub-command to get a list of your runner instances.
341
+
342
+
For your namespace:
343
+
344
+
[,shell]
345
+
----
346
+
circleci runner instance list <namespace> [flags]
347
+
----
348
+
349
+
For a specific resource class:
350
+
351
+
[,shell]
352
+
----
353
+
circleci runner instance list <namespace/resource-class> [flags]
354
+
----
355
+
356
+
- `<namespace>` is the namespace claimed for your organization. You can see your namespace on the self-hosted runners inventory page in the CircleCI web app, by selecting **Self-Hosted Runners** in the sidebar.
357
+
358
+
- `<resource-class>` is the label for the resource class of the specific pool of self-hosted runners. You can find the resource class for all your pools in the link:https://app.circleci.com[CircleCI web app], by selecting **Self-Hosted Runners** in the sidebar.
359
+
360
+
To find out more on namespace and resource class, see the xref:execution-runner:runner-concepts.adoc#namespaces-and-resource-classes[Self-hosted runner concepts] page.
361
+
362
+
For full details on the `instance list` sub-command, refer to the link:https://circleci-public.github.io/circleci-cli/circleci_runner_instance_list.html[CLI docs].
363
+
364
+
=== Create a resource class
365
+
366
+
Use the `resource-class create` sub-command to add a new resource class.
- `<namespace>` is the namespace claimed for your organization. You can see your namespace on the self-hosted runners inventory page in the CircleCI web app, by selecting **Self-Hosted Runners** in the sidebar.
374
+
375
+
- `<resource-class>` is the label for the resource class of the specific pool of self-hosted runners. You can find the resource class for all your pools in the link:https://app.circleci.com[CircleCI web app], by selecting **Self-Hosted Runners** in the sidebar.
376
+
377
+
- `<description>` is the argument that allows you to provide a description for the resource class. It must be enclosed in double-quotes.
378
+
379
+
For full details on the `resource-class create` sub-command, refer to the link:https://circleci-public.github.io/circleci-cli/circleci_runner_resource-class_create.html[CLI docs].
380
+
381
+
=== Delete a resource class
382
+
383
+
Use the `resource-class delete` sub-command to delete an existing resource class.
- `<namespace>` is the namespace claimed for your organization. You can see your namespace on the self-hosted runners inventory page in the CircleCI web app, by selecting **Self-Hosted Runners** in the sidebar.
391
+
392
+
- `<resource-class>` is the label for the resource class of the specific pool of self-hosted runners. You can find the resource class for all your pools in the link:https://app.circleci.com[CircleCI web app], by selecting **Self-Hosted Runners** in the sidebar.
393
+
394
+
For full details on the `resource-class delete` sub-command, refer to the link:https://circleci-public.github.io/circleci-cli/circleci_runner_resource-class_delete.html[CLI docs].
395
+
396
+
=== List resource classes
397
+
398
+
Use the `resource-class list` sub-command to list all resource classes for your namespace.
399
+
400
+
[,shell]
401
+
----
402
+
circleci runner resource-class list <namespace> [flags]
403
+
----
404
+
405
+
Alternatively, you can use the shorthand `ls`, instead of `list`.
406
+
407
+
408
+
- `<namespace>` is the namespace claimed for your organization. You can see your namespace on the self-hosted runners inventory page in the CircleCI web app, by selecting **Self-Hosted Runners** in the sidebar.
409
+
410
+
For full details on the `resource-class list` sub-command, refer to the link:https://circleci-public.github.io/circleci-cli/circleci_runner_resource-class_list.html[CLI docs].
411
+
412
+
=== Create a token for a resource class
413
+
414
+
Use the `token create` sub-command to create a token for a resource class.
- `<namespace>` is the namespace claimed for your organization. You can see your namespace on the self-hosted runners inventory page in the CircleCI web app, by selecting **Self-Hosted Runners** in the sidebar.
422
+
423
+
- `<resource-class>` is the name of the resource class for the specific pool of self-hosted runners. You can find the resource class for all your pools in the link:https://app.circleci.com[CircleCI web app], by selecting **Self-Hosted Runners** in the sidebar.
424
+
425
+
- `<nickname>` refers to a human-readable name you assign to the token.
426
+
427
+
For full details on the `resource-class token create` sub-command, refer to the link:https://circleci-public.github.io/circleci-cli/circleci_runner_token_create.html[CLI docs].
428
+
429
+
430
+
=== List tokens for a resource class
431
+
432
+
Use the `token list` sub-command to list all tokens for a resource class.
433
+
434
+
[,shell]
435
+
----
436
+
circleci runner token list <namespace/resource-class> [flags]
437
+
----
438
+
439
+
Alternatively, you can use the shorthand `ls`, instead of `list`.
440
+
441
+
- `<namespace>` is the namespace claimed for your organization. You can see your namespace on the self-hosted runners inventory page in the CircleCI web app, by selecting **Self-Hosted Runners** in the sidebar.
442
+
443
+
- `<resource-class>` is the name of the resource class for the specific pool of self-hosted runners. You can find the resource class for all your pools in the link:https://app.circleci.com[CircleCI web app], by selecting **Self-Hosted Runners** in the sidebar.
444
+
445
+
For full details on the `token list` sub-command, refer to the link:https://circleci-public.github.io/circleci-cli/circleci_runner_token_list.html[CLI docs].
446
+
447
+
=== Delete a token
448
+
449
+
Use the `token delete` sub-command to delete a token for a resource class.
450
+
451
+
[,shell]
452
+
----
453
+
circleci runner token delete <token-id> [flags]
454
+
----
455
+
456
+
- `<token-id>` is the ID of the token to delete. You can find the token ID by running the `token list` sub-command, described above.
457
+
458
+
For full details on the `token delete` sub-command, refer to the link:https://circleci-public.github.io/circleci-cli/circleci_runner_token_delete.html[CLI docs].
0 commit comments