From 9295b1aa712e5df5526699ed8e2851f49cc1da27 Mon Sep 17 00:00:00 2001 From: Simon Hausmann Date: Thu, 26 Sep 2019 10:42:44 +0200 Subject: Simplify ssh key setup Use GIT_SSH_COMMAND instead of a wrapper script, as suggested by Aapo. Change-Id: I4a6bffdef4aca0795a35853554ef4a2bfbc25f77 Reviewed-by: Aapo Keskimolo Reviewed-by: Frederik Gladhorn --- src/qtmoduleupdater/gerrit.go | 8 ++++++-- src/qtmoduleupdater/main.go | 35 +++-------------------------------- 2 files changed, 9 insertions(+), 34 deletions(-) (limited to 'src') diff --git a/src/qtmoduleupdater/gerrit.go b/src/qtmoduleupdater/gerrit.go index 2208255..4cebe95 100644 --- a/src/qtmoduleupdater/gerrit.go +++ b/src/qtmoduleupdater/gerrit.go @@ -89,8 +89,12 @@ func gerritSSHCommand(gerritURL url.URL, arguments ...string) (*exec.Cmd, error) newArgs := []string{"-oBatchMode=yes", userAtHost, "-p", port} newArgs = append(newArgs, arguments...) - ssh := os.Getenv("GIT_SSH") - if ssh == "" { + ssh := os.Getenv("GIT_SSH_COMMAND") + if ssh != "" { + commandLine := strings.Split(ssh, " ") + ssh = commandLine[0] + newArgs = append(commandLine[1:], newArgs...) + } else { ssh = "ssh" } log.Printf("Running gerrit ssh command: 'ssh %v'\n", newArgs) diff --git a/src/qtmoduleupdater/main.go b/src/qtmoduleupdater/main.go index 4f0fbe2..5ef5d0d 100644 --- a/src/qtmoduleupdater/main.go +++ b/src/qtmoduleupdater/main.go @@ -35,41 +35,14 @@ import ( "os" ) -func setupEnvironmentForSubmoduleUpdateBot() (cleanupFunction func(), username string, err error) { - cleanupFunction = func() {} - +func setupEnvironmentForSubmoduleUpdateBot() (username string, err error) { submoduleUpdateBotKeyPath := "submodule_update_bot_key_rsa" if _, err = os.Stat(submoduleUpdateBotKeyPath); os.IsNotExist(err) { err = fmt.Errorf("cannot locate submodule update bot SSH key file. Please copy it from the coin secrets repo into the current directory") return } - var sshWrapperScript *os.File - - cleanupFunction = func() { - if sshWrapperScript != nil { - os.Remove(sshWrapperScript.Name()) - } - } - - sshWrapperScript, err = ioutil.TempFile("", "") - if err != nil { - err = fmt.Errorf("Error creating temporary SSH wrapper script: %s", err) - return - } - if err = sshWrapperScript.Chmod(0700); err != nil { - sshWrapperScript.Close() - err = fmt.Errorf("Error making temporary SSH wrapper script executable: %s", err) - return - } - sshWrapperScript.Close() - - scriptSource := fmt.Sprintf("#!/bin/sh\nexec ssh -i %s \"$@\"", submoduleUpdateBotKeyPath) - if err = ioutil.WriteFile(sshWrapperScript.Name(), []byte(scriptSource), 0700); err != nil { - err = fmt.Errorf("Error writing to temporary SSH wrapper script: %s", err) - return - } - os.Setenv("GIT_SSH", sshWrapperScript.Name()) + os.Setenv("GIT_SSH_COMMAND", fmt.Sprintf("ssh -i %s", submoduleUpdateBotKeyPath)) os.Setenv("GIT_SSH_USER", "qt_submodule_update_bot") os.Setenv("GIT_AUTHOR_NAME", "Qt Submodule Update Bot") @@ -110,13 +83,11 @@ func appMain() error { var pushUserName string if stageAsBot { - var cleaner func() var err error - cleaner, pushUserName, err = setupEnvironmentForSubmoduleUpdateBot() + pushUserName, err = setupEnvironmentForSubmoduleUpdateBot() if err != nil { return fmt.Errorf("error preparing environment to work as submodule-update user: %s", err) } - defer cleaner() } batch := &ModuleUpdateBatch{ -- cgit v1.2.1