[Patchew-devel] [PATCH 4/5] deploy: allow specifying a private key for the importer

Paolo Bonzini posted 5 patches 6 years, 7 months ago
Posted by Paolo Bonzini 6 years, 7 months ago
The Dockerfile for the importer was creating an unused SSH key.  Instead,
pass a private key for use in connecting to the git server.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
	This patch is mostly untested.  I only checked that the key is there
	in the container.

 scripts/dockerfiles/importer.docker    |  2 +-
 scripts/playbooks/deploy-importers.yml | 10 ++++++++++
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/scripts/dockerfiles/importer.docker b/scripts/dockerfiles/importer.docker
index bca985b..984f019 100644
--- a/scripts/dockerfiles/importer.docker
+++ b/scripts/dockerfiles/importer.docker
@@ -2,7 +2,7 @@ FROM fedora:latest
 RUN dnf install -y python offlineimap findutils git wget
 RUN git config --global user.email "importer@patchew.org"
 RUN git config --global user.name "Patchew Importer"
-RUN ssh-keygen -t rsa -q -C patchew-importer -f ~/.ssh/id_rsa
+RUN echo IdentityFile=/data/patchew/identity > ~/.ssh/config
 RUN echo StrictHostKeyChecking no >> ~/.ssh/config
 RUN echo UserKnownHostsFile=/dev/null >> ~/.ssh/config
 ENV LC_ALL en_US.UTF-8
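Review bot: The context lines right after the new `IdentityFile` line still set `StrictHostKeyChecking no` and `UserKnownHostsFile=/dev/null`, so the importer, which now authenticates with a real private key, will accept any host that answers as the git server. Consider shipping a known_hosts file next to the identity in the data directory and pointing `UserKnownHostsFile` at it instead. Separately, `ssh-keygen` creates `~/.ssh` when it is missing, and with that line removed the `> ~/.ssh/config` redirect fails unless the directory already exists in the image; a `RUN mkdir -p -m 0700 ~/.ssh` before it would make the build independent of that. The hard-coded `/data/patchew/identity` also has to match wherever the playbook's `{{ data_dir }}/identity` ends up inside the container, and that mapping is not visible in this patch.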
diff --git a/scripts/playbooks/deploy-importers.yml b/scripts/playbooks/deploy-importers.yml
index 8d362ee..1a9d805 100644
--- a/scripts/playbooks/deploy-importers.yml
+++ b/scripts/playbooks/deploy-importers.yml
@@ -15,6 +15,9 @@
     - name: "importer_pass"
       prompt: "Password for the importer to login to the server"
       private: yes
+    - name: "importer_identity"
+      prompt: "Path to file containing private key"
+      private: no
     - name: "imap_server"
       prompt: "IMAP server address to download patches"
       private: no
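Review bot: The new `importer_identity` prompt has no default, and the "Store SSH key" task added further down copies it unconditionally, so an empty answer breaks the deployment even though the subject line says "allow specifying". Either give the prompt a default and guard the copy task with a `when:` condition, or state in the prompt that the key is required. The prompt text could also say which key it expects and where the path is resolved, for example "Path on this machine to the SSH private key the importer uses for the git server".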
@@ -45,11 +48,18 @@
     src_dir: "{{ base_dir }}/src"
     data_dir: "{{ base_dir }}/data"
     config_file: "{{ data_dir }}/config"
+    identity_file: "{{ data_dir }}/identity"
   tasks:
     - name: Create data dir
       file:
         path: "{{ data_dir }}"
         state: directory
+    - name: Store SSH key
+      copy:
+        src: "{{ importer_identity }}"
+        dest: "{{ identity_file }}"
+        validate: test -f %s
+        mode: 0400
     - name: Create config
       template:
         src: "templates/importer-config.j2"
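Review bot: In the "Store SSH key" task, `validate: test -f %s` only checks that the temporary copy is a regular file, which a successful `copy` from a file already guarantees, so it will not catch a wrong path such as a public key or an unrelated file. Either drop it or replace it with a check that actually parses the key. The task sets `mode: 0400` but no `owner`, and "Create data dir" sets no `mode` on the directory that now holds the key; since the commit note says this was only tested for the key being present, it is worth confirming that the user running ssh in the container can read the file and that the directory is not broader than needed. Adding `diff: no` (or `no_log: true`) to the task would keep the key contents out of the output when the playbook is run with `--diff`.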
-- 
2.14.3

