fix: only check host keys on requested hosts
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/push Build is passing
Details
See coop-cloud/organising#242.
This commit is contained in:
parent
17a5f1529a
commit
6f26b51f3e
|
@ -8,6 +8,7 @@ import (
|
||||||
abraFormatter "coopcloud.tech/abra/cli/formatter"
|
abraFormatter "coopcloud.tech/abra/cli/formatter"
|
||||||
"coopcloud.tech/abra/pkg/catalogue"
|
"coopcloud.tech/abra/pkg/catalogue"
|
||||||
"coopcloud.tech/abra/pkg/config"
|
"coopcloud.tech/abra/pkg/config"
|
||||||
|
"coopcloud.tech/abra/pkg/ssh"
|
||||||
"coopcloud.tech/tagcmp"
|
"coopcloud.tech/tagcmp"
|
||||||
"github.com/sirupsen/logrus"
|
"github.com/sirupsen/logrus"
|
||||||
"github.com/urfave/cli/v2"
|
"github.com/urfave/cli/v2"
|
||||||
|
@ -69,6 +70,12 @@ can take some time.
|
||||||
}
|
}
|
||||||
sort.Sort(config.ByServerAndType(apps))
|
sort.Sort(config.ByServerAndType(apps))
|
||||||
|
|
||||||
|
for _, app := range apps {
|
||||||
|
if err := ssh.EnsureHostKey(app.Server); err != nil {
|
||||||
|
logrus.Fatal(err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
statuses := make(map[string]map[string]string)
|
statuses := make(map[string]map[string]string)
|
||||||
tableCol := []string{"Server", "Type", "Domain"}
|
tableCol := []string{"Server", "Type", "Domain"}
|
||||||
if status {
|
if status {
|
||||||
|
|
|
@ -8,6 +8,7 @@ import (
|
||||||
"coopcloud.tech/abra/pkg/config"
|
"coopcloud.tech/abra/pkg/config"
|
||||||
"coopcloud.tech/abra/pkg/recipe"
|
"coopcloud.tech/abra/pkg/recipe"
|
||||||
"coopcloud.tech/abra/pkg/secret"
|
"coopcloud.tech/abra/pkg/secret"
|
||||||
|
"coopcloud.tech/abra/pkg/ssh"
|
||||||
"github.com/AlecAivazis/survey/v2"
|
"github.com/AlecAivazis/survey/v2"
|
||||||
"github.com/sirupsen/logrus"
|
"github.com/sirupsen/logrus"
|
||||||
"github.com/urfave/cli/v2"
|
"github.com/urfave/cli/v2"
|
||||||
|
@ -163,6 +164,10 @@ func NewAction(c *cli.Context) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
if Secrets {
|
if Secrets {
|
||||||
|
if err := ssh.EnsureHostKey(NewAppServer); err != nil {
|
||||||
|
logrus.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
secrets, err := createSecrets(sanitisedAppName)
|
secrets, err := createSecrets(sanitisedAppName)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logrus.Fatal(err)
|
logrus.Fatal(err)
|
||||||
|
|
|
@ -8,6 +8,7 @@ import (
|
||||||
"coopcloud.tech/abra/pkg/catalogue"
|
"coopcloud.tech/abra/pkg/catalogue"
|
||||||
"coopcloud.tech/abra/pkg/config"
|
"coopcloud.tech/abra/pkg/config"
|
||||||
"coopcloud.tech/abra/pkg/recipe"
|
"coopcloud.tech/abra/pkg/recipe"
|
||||||
|
"coopcloud.tech/abra/pkg/ssh"
|
||||||
"github.com/AlecAivazis/survey/v2"
|
"github.com/AlecAivazis/survey/v2"
|
||||||
"github.com/sirupsen/logrus"
|
"github.com/sirupsen/logrus"
|
||||||
"github.com/urfave/cli/v2"
|
"github.com/urfave/cli/v2"
|
||||||
|
@ -98,6 +99,10 @@ func ValidateApp(c *cli.Context) config.App {
|
||||||
logrus.Fatal(err)
|
logrus.Fatal(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if err := ssh.EnsureHostKey(app.Server); err != nil {
|
||||||
|
logrus.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
logrus.Debugf("validated '%s' as app argument", appName)
|
logrus.Debugf("validated '%s' as app argument", appName)
|
||||||
|
|
||||||
return app
|
return app
|
||||||
|
|
|
@ -9,7 +9,6 @@ import (
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"coopcloud.tech/abra/cli/formatter"
|
"coopcloud.tech/abra/cli/formatter"
|
||||||
"coopcloud.tech/abra/pkg/ssh"
|
|
||||||
"coopcloud.tech/abra/pkg/upstream/convert"
|
"coopcloud.tech/abra/pkg/upstream/convert"
|
||||||
loader "coopcloud.tech/abra/pkg/upstream/stack"
|
loader "coopcloud.tech/abra/pkg/upstream/stack"
|
||||||
stack "coopcloud.tech/abra/pkg/upstream/stack"
|
stack "coopcloud.tech/abra/pkg/upstream/stack"
|
||||||
|
@ -146,10 +145,6 @@ func LoadAppFiles(servers ...string) (AppFiles, error) {
|
||||||
|
|
||||||
logrus.Debugf("collecting metadata from '%v' servers: '%s'", len(servers), strings.Join(servers, ", "))
|
logrus.Debugf("collecting metadata from '%v' servers: '%s'", len(servers), strings.Join(servers, ", "))
|
||||||
|
|
||||||
if err := EnsureHostKeysAllServers(servers...); err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
for _, server := range servers {
|
for _, server := range servers {
|
||||||
serverDir := path.Join(ABRA_SERVER_FOLDER, server)
|
serverDir := path.Join(ABRA_SERVER_FOLDER, server)
|
||||||
files, err := getAllFilesInDirectory(serverDir)
|
files, err := getAllFilesInDirectory(serverDir)
|
||||||
|
@ -373,15 +368,3 @@ func GetAppComposeConfig(recipe string, opts stack.Deploy, appEnv AppEnv) (*comp
|
||||||
|
|
||||||
return compose, nil
|
return compose, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// EnsureHostKeysAllServers ensures all configured servers have server SSH host keys validated
|
|
||||||
func EnsureHostKeysAllServers(servers ...string) error {
|
|
||||||
for _, serverName := range servers {
|
|
||||||
logrus.Debugf("ensuring server SSH host key available for %s", serverName)
|
|
||||||
if err := ssh.EnsureHostKey(serverName); err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
|
@ -427,6 +427,11 @@ func connectWithPasswordTimeout(host, username, port, pass string, timeout time.
|
||||||
|
|
||||||
// EnsureHostKey ensures that a host key trusted and added to the ~/.ssh/known_hosts file
|
// EnsureHostKey ensures that a host key trusted and added to the ~/.ssh/known_hosts file
|
||||||
func EnsureHostKey(hostname string) error {
|
func EnsureHostKey(hostname string) error {
|
||||||
|
if hostname == "default" || hostname == "local" {
|
||||||
|
logrus.Debugf("not checking server SSH host key against local/default target")
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
exists, _, err := GetHostKey(hostname)
|
exists, _, err := GetHostKey(hostname)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
|
Loading…
Reference in New Issue