*: set sshhostkey and skip check on remote source
This commit is contained in:
parent
4d19ce1633
commit
4154be3370
|
@ -40,6 +40,8 @@ type remoteSourceCreateOptions struct {
|
||||||
apiURL string
|
apiURL string
|
||||||
oauth2ClientID string
|
oauth2ClientID string
|
||||||
oauth2ClientSecret string
|
oauth2ClientSecret string
|
||||||
|
sshHostKey string
|
||||||
|
skipSSHHostKeyCheck bool
|
||||||
}
|
}
|
||||||
|
|
||||||
var remoteSourceCreateOpts remoteSourceCreateOptions
|
var remoteSourceCreateOpts remoteSourceCreateOptions
|
||||||
|
@ -53,6 +55,8 @@ func init() {
|
||||||
flags.StringVar(&remoteSourceCreateOpts.apiURL, "api-url", "", "remotesource api url")
|
flags.StringVar(&remoteSourceCreateOpts.apiURL, "api-url", "", "remotesource api url")
|
||||||
flags.StringVar(&remoteSourceCreateOpts.oauth2ClientID, "clientid", "", "remotesource oauth2 client id")
|
flags.StringVar(&remoteSourceCreateOpts.oauth2ClientID, "clientid", "", "remotesource oauth2 client id")
|
||||||
flags.StringVar(&remoteSourceCreateOpts.oauth2ClientSecret, "secret", "", "remotesource oauth2 secret")
|
flags.StringVar(&remoteSourceCreateOpts.oauth2ClientSecret, "secret", "", "remotesource oauth2 secret")
|
||||||
|
flags.StringVar(&remoteSourceCreateOpts.sshHostKey, "ssh-host-key", "", "remotesource ssh public host key")
|
||||||
|
flags.BoolVarP(&remoteSourceCreateOpts.skipSSHHostKeyCheck, "skip-ssh-host-key-check", "s", false, "skip ssh host key check")
|
||||||
|
|
||||||
cmdRemoteSourceCreate.MarkFlagRequired("name")
|
cmdRemoteSourceCreate.MarkFlagRequired("name")
|
||||||
cmdRemoteSourceCreate.MarkFlagRequired("type")
|
cmdRemoteSourceCreate.MarkFlagRequired("type")
|
||||||
|
@ -72,6 +76,8 @@ func remoteSourceCreate(cmd *cobra.Command, args []string) error {
|
||||||
APIURL: remoteSourceCreateOpts.apiURL,
|
APIURL: remoteSourceCreateOpts.apiURL,
|
||||||
Oauth2ClientID: remoteSourceCreateOpts.oauth2ClientID,
|
Oauth2ClientID: remoteSourceCreateOpts.oauth2ClientID,
|
||||||
Oauth2ClientSecret: remoteSourceCreateOpts.oauth2ClientSecret,
|
Oauth2ClientSecret: remoteSourceCreateOpts.oauth2ClientSecret,
|
||||||
|
SSHHostKey: remoteSourceCreateOpts.sshHostKey,
|
||||||
|
SkipSSHHostKeyCheck: remoteSourceCreateOpts.skipSSHHostKeyCheck,
|
||||||
}
|
}
|
||||||
|
|
||||||
log.Infof("creating remotesource")
|
log.Infof("creating remotesource")
|
||||||
|
|
|
@ -62,6 +62,13 @@ mkdir ~/.ssh
|
||||||
chmod 700 ~/.ssh
|
chmod 700 ~/.ssh
|
||||||
touch ~/.ssh/id_rsa
|
touch ~/.ssh/id_rsa
|
||||||
chmod 600 ~/.ssh/id_rsa
|
chmod 600 ~/.ssh/id_rsa
|
||||||
|
touch ~/.ssh/known_hosts
|
||||||
|
chmod 600 ~/.ssh/known_hosts
|
||||||
|
|
||||||
|
# Add public ssh host key
|
||||||
|
if [ -n "$AGOLA_SSHHOSTKEY" ]; then
|
||||||
|
echo "$AGOLA_SSHHOSTKEY" >> ~/.ssh/known_hosts
|
||||||
|
fi
|
||||||
|
|
||||||
# Add repository deploy key
|
# Add repository deploy key
|
||||||
(cat <<EOF > ~/.ssh/id_rsa
|
(cat <<EOF > ~/.ssh/id_rsa
|
||||||
|
@ -69,17 +76,20 @@ $AGOLA_SSHPRIVKEY
|
||||||
EOF
|
EOF
|
||||||
)
|
)
|
||||||
|
|
||||||
|
STRICT_HOST_KEY_CHECKING="yes"
|
||||||
|
|
||||||
if [ -n "$AGOLA_SKIPSSHHOSTKEYCHECK" ]; then
|
if [ -n "$AGOLA_SKIPSSHHOSTKEYCHECK" ]; then
|
||||||
# Disable git host key verification
|
# Disable git host key verification
|
||||||
(cat <<EOF > ~/.ssh/config
|
STRICT_HOST_KEY_CHECKING="no"
|
||||||
|
fi
|
||||||
|
|
||||||
|
(cat <<EOF > ~/.ssh/config
|
||||||
Host $AGOLA_GIT_HOST
|
Host $AGOLA_GIT_HOST
|
||||||
HostName $AGOLA_GIT_HOST
|
HostName $AGOLA_GIT_HOST
|
||||||
Port $AGOLA_GIT_PORT
|
Port $AGOLA_GIT_PORT
|
||||||
StrictHostKeyChecking no
|
StrictHostKeyChecking ${STRICT_HOST_KEY_CHECKING}
|
||||||
UserKnownHostsFile /dev/null
|
|
||||||
EOF
|
EOF
|
||||||
)
|
)
|
||||||
fi
|
|
||||||
|
|
||||||
git clone $AGOLA_REPOSITORY_URL .
|
git clone $AGOLA_REPOSITORY_URL .
|
||||||
git fetch origin $AGOLA_GIT_REF
|
git fetch origin $AGOLA_GIT_REF
|
||||||
|
|
|
@ -52,6 +52,8 @@ type CreateRemoteSourceRequest struct {
|
||||||
AuthType string
|
AuthType string
|
||||||
Oauth2ClientID string
|
Oauth2ClientID string
|
||||||
Oauth2ClientSecret string
|
Oauth2ClientSecret string
|
||||||
|
SSHHostKey string
|
||||||
|
SkipSSHHostKeyCheck bool
|
||||||
}
|
}
|
||||||
|
|
||||||
func (h *ActionHandler) CreateRemoteSource(ctx context.Context, req *CreateRemoteSourceRequest) (*types.RemoteSource, error) {
|
func (h *ActionHandler) CreateRemoteSource(ctx context.Context, req *CreateRemoteSourceRequest) (*types.RemoteSource, error) {
|
||||||
|
@ -97,6 +99,8 @@ func (h *ActionHandler) CreateRemoteSource(ctx context.Context, req *CreateRemot
|
||||||
APIURL: req.APIURL,
|
APIURL: req.APIURL,
|
||||||
Oauth2ClientID: req.Oauth2ClientID,
|
Oauth2ClientID: req.Oauth2ClientID,
|
||||||
Oauth2ClientSecret: req.Oauth2ClientSecret,
|
Oauth2ClientSecret: req.Oauth2ClientSecret,
|
||||||
|
SSHHostKey: req.SSHHostKey,
|
||||||
|
SkipSSHHostKeyCheck: req.SkipSSHHostKeyCheck,
|
||||||
}
|
}
|
||||||
|
|
||||||
h.log.Infof("creating remotesource")
|
h.log.Infof("creating remotesource")
|
||||||
|
|
|
@ -35,6 +35,8 @@ type CreateRemoteSourceRequest struct {
|
||||||
AuthType string `json:"auth_type"`
|
AuthType string `json:"auth_type"`
|
||||||
Oauth2ClientID string `json:"oauth_2_client_id"`
|
Oauth2ClientID string `json:"oauth_2_client_id"`
|
||||||
Oauth2ClientSecret string `json:"oauth_2_client_secret"`
|
Oauth2ClientSecret string `json:"oauth_2_client_secret"`
|
||||||
|
SSHHostKey string `json:"ssh_host_key"`
|
||||||
|
SkipSSHHostKeyCheck bool `json:"skip_ssh_host_key_check"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type CreateRemoteSourceHandler struct {
|
type CreateRemoteSourceHandler struct {
|
||||||
|
@ -63,6 +65,8 @@ func (h *CreateRemoteSourceHandler) ServeHTTP(w http.ResponseWriter, r *http.Req
|
||||||
AuthType: req.AuthType,
|
AuthType: req.AuthType,
|
||||||
Oauth2ClientID: req.Oauth2ClientID,
|
Oauth2ClientID: req.Oauth2ClientID,
|
||||||
Oauth2ClientSecret: req.Oauth2ClientSecret,
|
Oauth2ClientSecret: req.Oauth2ClientSecret,
|
||||||
|
SSHHostKey: req.SSHHostKey,
|
||||||
|
SkipSSHHostKeyCheck: req.SkipSSHHostKeyCheck,
|
||||||
}
|
}
|
||||||
rs, err := h.ah.CreateRemoteSource(ctx, creq)
|
rs, err := h.ah.CreateRemoteSource(ctx, creq)
|
||||||
if httpError(w, err) {
|
if httpError(w, err) {
|
||||||
|
|
|
@ -115,6 +115,7 @@ func (h *webhooksHandler) handleWebhook(r *http.Request) (int, string, error) {
|
||||||
var webhookData *types.WebhookData
|
var webhookData *types.WebhookData
|
||||||
var sshPrivKey string
|
var sshPrivKey string
|
||||||
var cloneURL string
|
var cloneURL string
|
||||||
|
var sshHostKey string
|
||||||
var skipSSHHostKeyCheck bool
|
var skipSSHHostKeyCheck bool
|
||||||
var runType types.RunType
|
var runType types.RunType
|
||||||
variables := map[string]string{}
|
variables := map[string]string{}
|
||||||
|
@ -147,7 +148,12 @@ func (h *webhooksHandler) handleWebhook(r *http.Request) (int, string, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
sshPrivKey = project.SSHPrivateKey
|
sshPrivKey = project.SSHPrivateKey
|
||||||
|
sshHostKey = rs.SSHHostKey
|
||||||
|
// use remotesource skipSSHHostKeyCheck config and override with project config if set to true there
|
||||||
|
skipSSHHostKeyCheck = rs.SkipSSHHostKeyCheck
|
||||||
|
if project.SkipSSHHostKeyCheck {
|
||||||
skipSSHHostKeyCheck = project.SkipSSHHostKeyCheck
|
skipSSHHostKeyCheck = project.SkipSSHHostKeyCheck
|
||||||
|
}
|
||||||
runType = types.RunTypeProject
|
runType = types.RunTypeProject
|
||||||
webhookData, err = gitSource.ParseWebhook(r)
|
webhookData, err = gitSource.ParseWebhook(r)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -258,6 +264,9 @@ func (h *webhooksHandler) handleWebhook(r *http.Request) (int, string, error) {
|
||||||
"AGOLA_GIT_COMMITSHA": webhookData.CommitSHA,
|
"AGOLA_GIT_COMMITSHA": webhookData.CommitSHA,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if sshHostKey != "" {
|
||||||
|
env["AGOLA_SSHHOSTKEY"] = sshHostKey
|
||||||
|
}
|
||||||
if skipSSHHostKeyCheck {
|
if skipSSHHostKeyCheck {
|
||||||
env["AGOLA_SKIPSSHHOSTKEYCHECK"] = "1"
|
env["AGOLA_SKIPSSHHOSTKEYCHECK"] = "1"
|
||||||
}
|
}
|
||||||
|
|
|
@ -155,6 +155,10 @@ type RemoteSource struct {
|
||||||
// Oauth2 data
|
// Oauth2 data
|
||||||
Oauth2ClientID string `json:"client_id,omitempty"`
|
Oauth2ClientID string `json:"client_id,omitempty"`
|
||||||
Oauth2ClientSecret string `json:"client_secret,omitempty"`
|
Oauth2ClientSecret string `json:"client_secret,omitempty"`
|
||||||
|
|
||||||
|
SSHHostKey string `json:"ssh_host_key,omitempty"` // Public ssh host key of the remote source
|
||||||
|
|
||||||
|
SkipSSHHostKeyCheck bool `json:"skip_ssh_host_key_check,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func SourceSupportedAuthTypes(rsType RemoteSourceType) []RemoteSourceAuthType {
|
func SourceSupportedAuthTypes(rsType RemoteSourceType) []RemoteSourceAuthType {
|
||||||
|
|
Loading…
Reference in New Issue