[Patchew-devel] [PATCH] dockerfile: fix copying identity file

Paolo Bonzini posted 1 patch 4 weeks ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/patchew next tags/patchew/20190118150759.23954-1-pbonzini@redhat.com
scripts/dockerfiles/importer.docker | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

[Patchew-devel] [PATCH] dockerfile: fix copying identity file

Posted by Paolo Bonzini 4 weeks ago
The identity file is copied into ~/.ssh but ~/.ssh may not exist.  Fix that
with mkdir -p.

If not using an identity file supplied via ansible, in addition, we should
not regenerate it on every deployment; test for id_rsa before creating a
new key pair.

Reported-by: Davide Caratti <dcaratti@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 scripts/dockerfiles/importer.docker | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/scripts/dockerfiles/importer.docker b/scripts/dockerfiles/importer.docker
index 953a75b..ab15d45 100644
--- a/scripts/dockerfiles/importer.docker
+++ b/scripts/dockerfiles/importer.docker
@@ -2,10 +2,10 @@ FROM fedora:latest
 RUN dnf install -y python offlineimap findutils git wget
 RUN git config --global user.email "importer@patchew.org"
 RUN git config --global user.name "Patchew Importer"
+RUN mkdir -p -m 0700 ~/.ssh
+RUN test -f /data/patchew/id_rsa || ssh-keygen -t rsa -q -C patchew-importer -f ~/.ssh/id_rsa
 RUN if test -f /data/patchew/identity; then \
         echo IdentityFile=/data/patchew/identity > ~/.ssh/config; \
-    else \
-        ssh-keygen -t rsa -q -C patchew-importer -f ~/.ssh/id_rsa; \
     fi
 RUN echo StrictHostKeyChecking no >> ~/.ssh/config
 RUN echo UserKnownHostsFile=/dev/null >> ~/.ssh/config
-- 
2.20.1

_______________________________________________
Patchew-devel mailing list
Patchew-devel@redhat.com
https://www.redhat.com/mailman/listinfo/patchew-devel

Re: [Patchew-devel] [PATCH] dockerfile: fix copying identity file

Posted by Philippe Mathieu-Daudé 4 weeks ago
On 1/18/19 4:07 PM, Paolo Bonzini wrote:
> The identity file is copied into ~/.ssh but ~/.ssh may not exist.  Fix that
> with mkdir -p.
> 
> If not using an identity file supplied via ansible, in addition, we should
> not regenerate it on every deployment; test for id_rsa before creating a
> new key pair.
> 
> Reported-by: Davide Caratti <dcaratti@redhat.com>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
>  scripts/dockerfiles/importer.docker | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/scripts/dockerfiles/importer.docker b/scripts/dockerfiles/importer.docker
> index 953a75b..ab15d45 100644
> --- a/scripts/dockerfiles/importer.docker
> +++ b/scripts/dockerfiles/importer.docker
> @@ -2,10 +2,10 @@ FROM fedora:latest
>  RUN dnf install -y python offlineimap findutils git wget
>  RUN git config --global user.email "importer@patchew.org"
>  RUN git config --global user.name "Patchew Importer"
> +RUN mkdir -p -m 0700 ~/.ssh
> +RUN test -f /data/patchew/id_rsa || ssh-keygen -t rsa -q -C patchew-importer -f ~/.ssh/id_rsa
>  RUN if test -f /data/patchew/identity; then \
>          echo IdentityFile=/data/patchew/identity > ~/.ssh/config; \
> -    else \
> -        ssh-keygen -t rsa -q -C patchew-importer -f ~/.ssh/id_rsa; \
>      fi

Which become now simply:

   RUN test -f /data/patchew/identity && echo
IdentityFile=/data/patchew/identity > ~/.ssh/config

>  RUN echo StrictHostKeyChecking no >> ~/.ssh/config
>  RUN echo UserKnownHostsFile=/dev/null >> ~/.ssh/config
> 

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>

_______________________________________________
Patchew-devel mailing list
Patchew-devel@redhat.com
https://www.redhat.com/mailman/listinfo/patchew-devel