Hexo 部署时出现 Push cannot contain secrets 异常

发表于 分类于 阅读次数: Changyan:

今天在执行 hexo deploy 部署时,出现以下异常:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
remote: error: GH013: Repository rule violations found for refs/heads/master.
remote: 
remote: - GITHUB PUSH PROTECTION
remote:   —————————————————————————————————————————
remote:     Resolve the following violations before pushing again
remote: 
remote:     - Push cannot contain secrets
remote: 
remote:     
remote:      (?) Learn how to resolve a blocked push
remote:      https://docs.github.com/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-from-the-command-line#resolving-a-blocked-push
remote:     
remote:      (?) This repository does not have Secret Scanning enabled, but is eligible. Enable Secret Scanning to view and manage detected secrets.
remote:      Visit the repository settings page, https://github.com/zhang-jc/zhang-jc.github.io/settings/security_analysis
remote:     
remote:     
remote:       —— Amazon AWS Access Key ID ——————————————————————————
remote:        locations:
remote:          - commit: 2573f22a136850f3aa0bf54402cdf02f882b9e0f
remote:            path: search.xml:6170
remote:          - commit: 2573f22a136850f3aa0bf54402cdf02f882b9e0f
remote:            path: search.xml:6170
remote:          - commit: 2573f22a136850f3aa0bf54402cdf02f882b9e0f
remote:            path: search.xml:6170
remote:          - commit: 2573f22a136850f3aa0bf54402cdf02f882b9e0f
remote:            path: search.xml:6170
remote:          - commit: 2573f22a136850f3aa0bf54402cdf02f882b9e0f
remote:            path: search.xml:6173
remote:     
remote:        (?) To push, remove secret from commit(s) or follow this URL to allow the secret.
remote:        https://github.com/zhang-jc/zhang-jc.github.io/security/secret-scanning/unblock-secret/34dtqbomcHD2FyadsoLZcpSJp6k
remote:     
remote: 
remote: 
To github.com:zhang-jc/zhang-jc.github.io.git
 ! [remote rejected] HEAD -> master (push declined due to repository rule violations)
error: 无法推送一些引用到 'github.com:zhang-jc/zhang-jc.github.io.git'
FATAL Something's wrong. Maybe you can find the solution here: https://hexo.io/docs/troubleshooting.html
Error: Spawn failed
    at ChildProcess.<anonymous> (/home/zhangjc/github/zhangjc/node_modules/hexo-deployer-git/node_modules/hexo-util/lib/spawn.js:51:21)
    at ChildProcess.emit (node:events:519:28)
    at ChildProcess._handle.onexit (node:internal/child_process:293:12)

其中的关键提示信息是:

remote:       —— Amazon AWS Access Key ID ——————————————————————————
remote:        locations:
remote:          - commit: 2573f22a136850f3aa0bf54402cdf02f882b9e0f
remote:            path: search.xml:6170
remote:          - commit: 2573f22a136850f3aa0bf54402cdf02f882b9e0f
remote:            path: search.xml:6170
remote:          - commit: 2573f22a136850f3aa0bf54402cdf02f882b9e0f
remote:            path: search.xml:6170
remote:          - commit: 2573f22a136850f3aa0bf54402cdf02f882b9e0f
remote:            path: search.xml:6170
remote:          - commit: 2573f22a136850f3aa0bf54402cdf02f882b9e0f
remote:            path: search.xml:6173

使用关键字 AWS 查找 search.xml 发现是因为一篇博文中粘贴的一个下载地址中包含了密钥信息导致的。如下图:

找到上图中出现问题的链接,脱敏后重新提交执行 hexo g -d 问题仍然出现。删除 public.deploy_git 目录,再次执行问题解决。💁