*: set sshhostkey and skip check on remote source
parent
4d19ce1633
commit
4154be3370
@ -40,6 +40,8 @@ type remoteSourceCreateOptions struct {
|
||||
apiURL string
|
||||
oauth2ClientID string
|
||||
oauth2ClientSecret string
|
||||
sshHostKey string
|
||||
skipSSHHostKeyCheck bool
|
||||
}
|
||||
|
||||
var remoteSourceCreateOpts remoteSourceCreateOptions
|
||||
@ -53,6 +55,8 @@ func init() {
|
||||
flags.StringVar(&remoteSourceCreateOpts.apiURL, "api-url", "", "remotesource api url")
|
||||
flags.StringVar(&remoteSourceCreateOpts.oauth2ClientID, "clientid", "", "remotesource oauth2 client id")
|
||||
flags.StringVar(&remoteSourceCreateOpts.oauth2ClientSecret, "secret", "", "remotesource oauth2 secret")
|
||||
flags.StringVar(&remoteSourceCreateOpts.sshHostKey, "ssh-host-key", "", "remotesource ssh public host key")
|
||||
flags.BoolVarP(&remoteSourceCreateOpts.skipSSHHostKeyCheck, "skip-ssh-host-key-check", "s", false, "skip ssh host key check")
|
||||
|
||||
cmdRemoteSourceCreate.MarkFlagRequired("name")
|
||||
cmdRemoteSourceCreate.MarkFlagRequired("type")
|
||||
@ -72,6 +76,8 @@ func remoteSourceCreate(cmd *cobra.Command, args []string) error {
|
||||
APIURL: remoteSourceCreateOpts.apiURL,
|
||||
Oauth2ClientID: remoteSourceCreateOpts.oauth2ClientID,
|
||||
Oauth2ClientSecret: remoteSourceCreateOpts.oauth2ClientSecret,
|
||||
SSHHostKey: remoteSourceCreateOpts.sshHostKey,
|
||||
SkipSSHHostKeyCheck: remoteSourceCreateOpts.skipSSHHostKeyCheck,
|
||||
}
|
||||
|
||||
log.Infof("creating remotesource")
|
||||
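Review bot: The `skip-ssh-host-key-check` flag registered in `init()` gets the one-letter shorthand `-s` and a help string that does not say what is given up: with it set, clones from this remote source no longer verify the git server's host key. Consider registering it without a shorthand and with an explicit description, e.g. `flags.BoolVar(&remoteSourceCreateOpts.skipSSHHostKeyCheck, "skip-ssh-host-key-check", false, "disable ssh host key verification for this remote source (insecure)")`. In addition, `remoteSourceCreate` forwards `sshHostKey` and `skipSSHHostKeyCheck` unchanged, so a command line that passes both is accepted even though the key would then not be enforced; rejecting that combination here would surface the mistake early. Both functions continue outside the hunks shown.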
|
@ -62,6 +62,13 @@ mkdir ~/.ssh
|
||||
chmod 700 ~/.ssh
|
||||
touch ~/.ssh/id_rsa
|
||||
chmod 600 ~/.ssh/id_rsa
|
||||
touch ~/.ssh/known_hosts
|
||||
chmod 600 ~/.ssh/known_hosts
|
||||
|
||||
# Add public ssh host key
|
||||
if [ -n "$AGOLA_SSHHOSTKEY" ]; then
|
||||
echo "$AGOLA_SSHHOSTKEY" >> ~/.ssh/known_hosts
|
||||
fi
|
||||
|
||||
# Add repository deploy key
|
||||
(cat <<EOF > ~/.ssh/id_rsa
|
||||
@ -69,17 +76,20 @@ $AGOLA_SSHPRIVKEY
|
||||
EOF
|
||||
)
|
||||
|
||||
STRICT_HOST_KEY_CHECKING="yes"
|
||||
|
||||
if [ -n "$AGOLA_SKIPSSHHOSTKEYCHECK" ]; then
|
||||
# Disable git host key verification
|
||||
(cat <<EOF > ~/.ssh/config
|
||||
STRICT_HOST_KEY_CHECKING="no"
|
||||
fi
|
||||
|
||||
(cat <<EOF > ~/.ssh/config
|
||||
Host $AGOLA_GIT_HOST
|
||||
HostName $AGOLA_GIT_HOST
|
||||
Port $AGOLA_GIT_PORT
|
||||
StrictHostKeyChecking no
|
||||
UserKnownHostsFile /dev/null
|
||||
StrictHostKeyChecking ${STRICT_HOST_KEY_CHECKING}
|
||||
EOF
|
||||
)
|
||||
fi
|
||||
)
|
||||
|
||||
git clone $AGOLA_REPOSITORY_URL .
|
||||
git fetch origin $AGOLA_GIT_REF
|
||||
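Review bot: `echo "$AGOLA_SSHHOSTKEY" >> ~/.ssh/known_hosts` writes the value verbatim, but ssh only matches `known_hosts` lines that start with a host pattern, so the variable must hold a complete entry (`host keytype base64key`) rather than the bare public key that the `--ssh-host-key` help text in this commit suggests. If callers do pass a bare key (not visible here), the lookup will miss and, with `StrictHostKeyChecking` now defaulting to `yes`, the clone fails. Either document the expected format in the `# Add public ssh host key` comment, or prepend the host in the script, e.g. `echo "$AGOLA_GIT_HOST $AGOLA_SSHHOSTKEY" >> ~/.ssh/known_hosts`. Note that a non-default `AGOLA_GIT_PORT` needs the bracketed `[host]:port` form instead.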
|
@ -52,6 +52,8 @@ type CreateRemoteSourceRequest struct {
|
||||
AuthType string
|
||||
Oauth2ClientID string
|
||||
Oauth2ClientSecret string
|
||||
SSHHostKey string
|
||||
SkipSSHHostKeyCheck bool
|
||||
}
|
||||
|
||||
func (h *ActionHandler) CreateRemoteSource(ctx context.Context, req *CreateRemoteSourceRequest) (*types.RemoteSource, error) {
|
||||
@ -97,6 +99,8 @@ func (h *ActionHandler) CreateRemoteSource(ctx context.Context, req *CreateRemot
|
||||
APIURL: req.APIURL,
|
||||
Oauth2ClientID: req.Oauth2ClientID,
|
||||
Oauth2ClientSecret: req.Oauth2ClientSecret,
|
||||
SSHHostKey: req.SSHHostKey,
|
||||
SkipSSHHostKeyCheck: req.SkipSSHHostKeyCheck,
|
||||
}
|
||||
|
||||
h.log.Infof("creating remotesource")
|
||||
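Review bot: `req.SSHHostKey` is copied into the new remote source as-is in the visible lines, and the clone script changed in this commit later appends that value to `known_hosts` unmodified. A malformed or multi-line value would therefore be stored and only show up at clone time, either as a failed clone or as extra `known_hosts` entries. Consider validating it here before the remote source is created: trim it, reject embedded newlines, and check that it parses as an SSH public key or `known_hosts` line. `CreateRemoteSource` continues outside both hunks, so an existing validation step may already exist; if so, the new field should be added to it.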
|
@ -35,6 +35,8 @@ type CreateRemoteSourceRequest struct {
|
||||
AuthType string `json:"auth_type"`
|
||||
Oauth2ClientID string `json:"oauth_2_client_id"`
|
||||
Oauth2ClientSecret string `json:"oauth_2_client_secret"`
|
||||
SSHHostKey string `json:"ssh_host_key"`
|
||||
SkipSSHHostKeyCheck bool `json:"skip_ssh_host_key_check"`
|
||||
}
|
||||
|
||||
type CreateRemoteSourceHandler struct {
|
||||
@ -63,6 +65,8 @@ func (h *CreateRemoteSourceHandler) ServeHTTP(w http.ResponseWriter, r *http.Req
|
||||
AuthType: req.AuthType,
|
||||
Oauth2ClientID: req.Oauth2ClientID,
|
||||
Oauth2ClientSecret: req.Oauth2ClientSecret,
|
||||
SSHHostKey: req.SSHHostKey,
|
||||
SkipSSHHostKeyCheck: req.SkipSSHHostKeyCheck,
|
||||
}
|
||||
rs, err := h.ah.CreateRemoteSource(ctx, creq)
|
||||
if httpError(w, err) {
|
||||
|
@ -115,6 +115,7 @@ func (h *webhooksHandler) handleWebhook(r *http.Request) (int, string, error) {
|
||||
var webhookData *types.WebhookData
|
||||
var sshPrivKey string
|
||||
var cloneURL string
|
||||
var sshHostKey string
|
||||
var skipSSHHostKeyCheck bool
|
||||
var runType types.RunType
|
||||
variables := map[string]string{}
|
||||
@ -147,7 +148,12 @@ func (h *webhooksHandler) handleWebhook(r *http.Request) (int, string, error) {
|
||||
}
|
||||
|
||||
sshPrivKey = project.SSHPrivateKey
|
||||
sshHostKey = rs.SSHHostKey
|
||||
// use remotesource skipSSHHostKeyCheck config and override with project config if set to true there
|
||||
skipSSHHostKeyCheck = rs.SkipSSHHostKeyCheck
|
||||
if project.SkipSSHHostKeyCheck {
|
||||
skipSSHHostKeyCheck = project.SkipSSHHostKeyCheck
|
||||
}
|
||||
runType = types.RunTypeProject
|
||||
webhookData, err = gitSource.ParseWebhook(r)
|
||||
if err != nil {
|
||||
@ -258,6 +264,9 @@ func (h *webhooksHandler) handleWebhook(r *http.Request) (int, string, error) {
|
||||
"AGOLA_GIT_COMMITSHA": webhookData.CommitSHA,
|
||||
}
|
||||
|
||||
if sshHostKey != "" {
|
||||
env["AGOLA_SSHHOSTKEY"] = sshHostKey
|
||||
}
|
||||
if skipSSHHostKeyCheck {
|
||||
env["AGOLA_SKIPSSHHOSTKEYCHECK"] = "1"
|
||||
}
|
||||
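Review bot: The precedence added in `handleWebhook` only ever loosens verification: a project with `SkipSSHHostKeyCheck` set turns the check off even when the remote source pins an `SSHHostKey`, and a project cannot turn the check back on when the remote source disables it. In that case both `AGOLA_SSHHOSTKEY` and `AGOLA_SKIPSSHHOSTKEYCHECK` are exported and the pinned key is silently not enforced. If that is intended, say so in the comment and write the rule as the OR it is: `skipSSHHostKeyCheck = rs.SkipSSHHostKeyCheck || project.SkipSSHHostKeyCheck`. A log entry when a non-empty `sshHostKey` is being bypassed would make the downgrade visible to operators. The function continues outside the hunks shown.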
|
@ -155,6 +155,10 @@ type RemoteSource struct {
|
||||
// Oauth2 data
|
||||
Oauth2ClientID string `json:"client_id,omitempty"`
|
||||
Oauth2ClientSecret string `json:"client_secret,omitempty"`
|
||||
|
||||
SSHHostKey string `json:"ssh_host_key,omitempty"` // Public ssh host key of the remote source
|
||||
|
||||
SkipSSHHostKeyCheck bool `json:"skip_ssh_host_key_check,omitempty"`
|
||||
}
|
||||
|
||||
func SourceSupportedAuthTypes(rsType RemoteSourceType) []RemoteSourceAuthType {
|
||||
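Review bot: `SkipSSHHostKeyCheck` is added to `RemoteSource` without a comment, while the neighbouring `SSHHostKey` field has one, and this is the field whose effect a reader most needs spelled out. Suggest `// SkipSSHHostKeyCheck disables ssh host key verification when cloning from this remote source; SSHHostKey is not enforced when it is true`. The second half of that comment reflects how the clone script in this commit handles the two settings. The struct starts outside the hunk.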
|