From 6f26b51f3e46b17c235da2df4eadaae90aefbc73 Mon Sep 17 00:00:00 2001 From: decentral1se Date: Tue, 9 Nov 2021 17:43:24 +0100 Subject: [PATCH] fix: only check host keys on requested hosts See https://git.coopcloud.tech/coop-cloud/organising/issues/242. --- cli/app/list.go | 7 +++++++ cli/internal/new.go | 5 +++++ cli/internal/validate.go | 5 +++++ pkg/config/app.go | 17 ----------------- pkg/ssh/ssh.go | 5 +++++ 5 files changed, 22 insertions(+), 17 deletions(-) diff --git a/cli/app/list.go b/cli/app/list.go index 7c21c1f9..1ee8b8c0 100644 --- a/cli/app/list.go +++ b/cli/app/list.go @@ -8,6 +8,7 @@ import ( abraFormatter "coopcloud.tech/abra/cli/formatter" "coopcloud.tech/abra/pkg/catalogue" "coopcloud.tech/abra/pkg/config" + "coopcloud.tech/abra/pkg/ssh" "coopcloud.tech/tagcmp" "github.com/sirupsen/logrus" "github.com/urfave/cli/v2" @@ -69,6 +70,12 @@ can take some time. } sort.Sort(config.ByServerAndType(apps)) + for _, app := range apps { + if err := ssh.EnsureHostKey(app.Server); err != nil { + logrus.Fatal(err) + } + } + statuses := make(map[string]map[string]string) tableCol := []string{"Server", "Type", "Domain"} if status { diff --git a/cli/internal/new.go b/cli/internal/new.go index 18cc11ea..046dca34 100644 --- a/cli/internal/new.go +++ b/cli/internal/new.go @@ -8,6 +8,7 @@ import ( "coopcloud.tech/abra/pkg/config" "coopcloud.tech/abra/pkg/recipe" "coopcloud.tech/abra/pkg/secret" + "coopcloud.tech/abra/pkg/ssh" "github.com/AlecAivazis/survey/v2" "github.com/sirupsen/logrus" "github.com/urfave/cli/v2" @@ -163,6 +164,10 @@ func NewAction(c *cli.Context) error { } if Secrets { + if err := ssh.EnsureHostKey(NewAppServer); err != nil { + logrus.Fatal(err) + } + secrets, err := createSecrets(sanitisedAppName) if err != nil { logrus.Fatal(err) diff --git a/cli/internal/validate.go b/cli/internal/validate.go index 59b26e30..1823d72d 100644 --- a/cli/internal/validate.go +++ b/cli/internal/validate.go @@ -8,6 +8,7 @@ import ( "coopcloud.tech/abra/pkg/catalogue" "coopcloud.tech/abra/pkg/config" "coopcloud.tech/abra/pkg/recipe" + "coopcloud.tech/abra/pkg/ssh" "github.com/AlecAivazis/survey/v2" "github.com/sirupsen/logrus" "github.com/urfave/cli/v2" @@ -98,6 +99,10 @@ func ValidateApp(c *cli.Context) config.App { logrus.Fatal(err) } + if err := ssh.EnsureHostKey(app.Server); err != nil { + logrus.Fatal(err) + } + logrus.Debugf("validated '%s' as app argument", appName) return app diff --git a/pkg/config/app.go b/pkg/config/app.go index e528da66..c767b400 100644 --- a/pkg/config/app.go +++ b/pkg/config/app.go @@ -9,7 +9,6 @@ import ( "strings" "coopcloud.tech/abra/cli/formatter" - "coopcloud.tech/abra/pkg/ssh" "coopcloud.tech/abra/pkg/upstream/convert" loader "coopcloud.tech/abra/pkg/upstream/stack" stack "coopcloud.tech/abra/pkg/upstream/stack" @@ -146,10 +145,6 @@ func LoadAppFiles(servers ...string) (AppFiles, error) { logrus.Debugf("collecting metadata from '%v' servers: '%s'", len(servers), strings.Join(servers, ", ")) - if err := EnsureHostKeysAllServers(servers...); err != nil { - return nil, err - } - for _, server := range servers { serverDir := path.Join(ABRA_SERVER_FOLDER, server) files, err := getAllFilesInDirectory(serverDir) @@ -373,15 +368,3 @@ func GetAppComposeConfig(recipe string, opts stack.Deploy, appEnv AppEnv) (*comp return compose, nil } - -// EnsureHostKeysAllServers ensures all configured servers have server SSH host keys validated -func EnsureHostKeysAllServers(servers ...string) error { - for _, serverName := range servers { - logrus.Debugf("ensuring server SSH host key available for %s", serverName) - if err := ssh.EnsureHostKey(serverName); err != nil { - return err - } - } - - return nil -} diff --git a/pkg/ssh/ssh.go b/pkg/ssh/ssh.go index 1e53360e..629c8c51 100644 --- a/pkg/ssh/ssh.go +++ b/pkg/ssh/ssh.go @@ -427,6 +427,11 @@ func connectWithPasswordTimeout(host, username, port, pass string, timeout time. // EnsureHostKey ensures that a host key trusted and added to the ~/.ssh/known_hosts file func EnsureHostKey(hostname string) error { + if hostname == "default" || hostname == "local" { + logrus.Debugf("not checking server SSH host key against local/default target") + return nil + } + exists, _, err := GetHostKey(hostname) if err != nil { return err