github-action icon indicating copy to clipboard operation
github-action copied to clipboard
verified publisher icon tailscale

Failed to ssh-keyscan to tailscaled dns after tailscale/github-action@main

Open slavasab opened this issue 1 year ago • 2 comments

We have the following setup:

jobs:
  deploy:
    runs-on: ubuntu-latest
    name: Deploy Staging Website
    steps:
      - name: Setup Tailscale
        uses: tailscale/github-action@main
        with:
          authkey: ${{ secrets.TAILSCALE_AUTHKEY }}

      - name: Add to auth keys
        run: |
          mkdir -p ~/.ssh
          ssh-keyscan -t ed25519 $MACHINE >> ~/.ssh/known_hosts
        env:
          MACHINE: app-api-staging

From time to time our job fails on ssh-keyscan -t ed25519 $MACHINE >> ~/.ssh/known_hosts and app-api-staging is a tailscale MagicDNS.

On app-api-staging we see the following logs: tailscaled[530]: CreateEndpoint error for 100.81..:53254 -> 100.107..:22: connection was refused

Sometimes it works, sometimes it doesn't.

I'd be grateful for any advice.

slavasab avatar Feb 02 '24 18:02 slavasab

I think I've run into something like this myself. I don't think it's your keyscan directly it seems sometime the tailscale client takes upwards of a minute to actually establish connections before it can pass traffic. But the action completed so the next step runs and fails because it can't reach resources.

evilhamsterman avatar May 08 '24 16:05 evilhamsterman

I ran into this issue as well. My solution ended up being to just sleep 30 and this has fixed my issue.

gillesmag avatar Nov 06 '24 17:11 gillesmag