From nobody Tue Apr 16 07:31:14 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=patchew-devel-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=patchew-devel-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
Return-Path: <patchew-devel-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1552666124363236.25762055970472;
 Fri, 15 Mar 2019 09:08:44 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com
 [10.5.11.16])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id E694983F3D;
	Fri, 15 Mar 2019 16:08:42 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id DC9B05C21F;
	Fri, 15 Mar 2019 16:08:42 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id D2F633FA46;
	Fri, 15 Mar 2019 16:08:42 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com
	[10.5.11.13])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x2FG7unX010472 for <patchew-devel@listman.util.phx.redhat.com>;
	Fri, 15 Mar 2019 12:07:56 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 4B891183C8; Fri, 15 Mar 2019 16:07:56 +0000 (UTC)
Received: from donizetti.redhat.com (ovpn-112-50.ams2.redhat.com
	[10.36.112.50])
	by smtp.corp.redhat.com (Postfix) with ESMTP id B5FBA17A64
	for <patchew-devel@redhat.com>; Fri, 15 Mar 2019 16:07:52 +0000 (UTC)
From: Paolo Bonzini <pbonzini@redhat.com>
To: patchew-devel@redhat.com
Date: Fri, 15 Mar 2019 17:07:51 +0100
Message-Id: <20190315160751.25569-1-pbonzini@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13
X-loop: patchew-devel@redhat.com
Subject: [Patchew-devel] [PATCH] deploy: make ssh private key mandatory
X-BeenThere: patchew-devel@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Patchew development and discussion list <patchew-devel.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/patchew-devel>,
	<mailto:patchew-devel-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/patchew-devel>
List-Post: <mailto:patchew-devel@redhat.com>
List-Help: <mailto:patchew-devel-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/patchew-devel>,
	<mailto:patchew-devel-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: patchew-devel-bounces@redhat.com
Errors-To: patchew-devel-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]);
 Fri, 15 Mar 2019 16:08:42 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

Now that patchew.org has switched from password to SSH authentication,
stop the transitory period and just require ssh authentication.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 docs/patchew.rst                       | 5 +++++
 scripts/dockerfiles/importer.docker    | 5 +----
 scripts/playbooks/deploy-importers.yml | 1 -
 3 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/docs/patchew.rst b/docs/patchew.rst
index aa51c7f..8def637 100644
--- a/docs/patchew.rst
+++ b/docs/patchew.rst
@@ -94,6 +94,10 @@ command line).  Note that the fingerprint format, as pri=
nted by
 bytes separated by colons; offlineimap and thus ``scripts/deploy``
 do not use colons.
=20
+The importer will also need a private key that is allowed to push to the
+git repository.  Right now, the private key must not have a passphrase;
+SSH agents are not supported.
+
 You can also specify all the variables directly on the command line
 using the ``-e`` option::
=20
@@ -102,6 +106,7 @@ using the ``-e`` option::
         patchew_server=3Dhttp://patchew.example.com/
         importer_user=3Dimporter
         importer_pass=3Dgotsomepatches
+        importer_identity=3D/path/to/id_rsa
         imap_server=3Dimap.example.com
         imap_user=3Dusername@example.com
         imap_pass=3Dhunter2
diff --git a/scripts/dockerfiles/importer.docker b/scripts/dockerfiles/impo=
rter.docker
index ab15d45..0021d93 100644
--- a/scripts/dockerfiles/importer.docker
+++ b/scripts/dockerfiles/importer.docker
@@ -3,10 +3,7 @@ RUN dnf install -y python offlineimap findutils git wget
 RUN git config --global user.email "importer@patchew.org"
 RUN git config --global user.name "Patchew Importer"
 RUN mkdir -p -m 0700 ~/.ssh
-RUN test -f /data/patchew/id_rsa || ssh-keygen -t rsa -q -C patchew-import=
er -f ~/.ssh/id_rsa
-RUN if test -f /data/patchew/identity; then \
-        echo IdentityFile=3D/data/patchew/identity > ~/.ssh/config; \
-    fi
+RUN echo IdentityFile=3D/data/patchew/identity > ~/.ssh/config
 RUN echo StrictHostKeyChecking no >> ~/.ssh/config
 RUN echo UserKnownHostsFile=3D/dev/null >> ~/.ssh/config
 ENV LC_ALL en_US.UTF-8
diff --git a/scripts/playbooks/deploy-importers.yml b/scripts/playbooks/dep=
loy-importers.yml
index 48d1798..2e45db8 100644
--- a/scripts/playbooks/deploy-importers.yml
+++ b/scripts/playbooks/deploy-importers.yml
@@ -64,7 +64,6 @@
         dest: "{{ identity_file }}"
         validate: test -f %s
         mode: 0400
-      when: importer_identity !=3D ""
     - name: Create config
       template:
         src: "templates/importer-config.j2"
--=20
2.20.1

_______________________________________________
Patchew-devel mailing list
Patchew-devel@redhat.com
https://www.redhat.com/mailman/listinfo/patchew-devel