diff options
author | Bryan McLellan <btm@loftninjas.org> | 2019-05-13 14:34:37 -0400 |
---|---|---|
committer | Bryan McLellan <btm@loftninjas.org> | 2019-05-13 15:08:13 -0400 |
commit | 0a1a78f404dcd2c8f1405e9e5af26dd80155ff6b (patch) | |
tree | 34f0d420e617247b3e4d1848035ef7066877f4f6 | |
parent | 1bd3c85149a1e1ff0ad64dea672fb6b832a99b7b (diff) | |
download | chef-0a1a78f404dcd2c8f1405e9e5af26dd80155ff6b.tar.gz |
move retry into #connect!
Signed-off-by: Bryan McLellan <btm@loftninjas.org>
-rw-r--r-- | lib/chef/knife/bootstrap.rb | 40 | ||||
-rw-r--r-- | spec/unit/knife/bootstrap_spec.rb | 2 |
2 files changed, 20 insertions, 22 deletions
diff --git a/lib/chef/knife/bootstrap.rb b/lib/chef/knife/bootstrap.rb index c901071873..302567396a 100644 --- a/lib/chef/knife/bootstrap.rb +++ b/lib/chef/knife/bootstrap.rb @@ -541,27 +541,7 @@ class Chef $stdout.sync = true register_client - begin - connect! - rescue Train::Transports::SSHFailed => e - if e.message =~ /fingerprint (\S+) is unknown for "(.+)"/ - fingerprint = $1 - hostname,ip = $2.split(',') - puts "The authenticity of host '#{hostname} (#{ip})' can't be established." - # TODO: convert the SHA256 base64 value to hex with colons - # 'ssh' example output: - # RSA key fingerprint is e5:cb:c0:e2:21:3b:12:52:f8:ce:cb:00:24:e2:0c:92. - # ECDSA key fingerprint is 5d:67:61:08:a9:d7:01:fd:5e:ae:7e:09:40:ef:c0:3c. - puts "fingerprint is #{fingerprint}." - ui.confirm("Are you sure you want to continue connecting") - # FIXME: this should save the key to known_hosts but doesn't appear to be - config[:ssh_verify_host_key] = :accept_new - connection_opts(reset: true) - retry - end - - raise e - end + connect! unless client_builder.client_path.nil? bootstrap_context.client_pem = client_builder.client_path @@ -612,6 +592,24 @@ class Chef ui.info("Connecting to #{ui.color(server_name, :bold)}") opts = connection_opts.dup do_connect(opts) + rescue Train::Transports::SSHFailed => e + if e.message =~ /fingerprint (\S+) is unknown for "(.+)"/ + fingerprint = $1 + hostname, ip = $2.split(",") + # TODO: convert the SHA256 base64 value to hex with colons + # 'ssh' example output: + # RSA key fingerprint is e5:cb:c0:e2:21:3b:12:52:f8:ce:cb:00:24:e2:0c:92. + # ECDSA key fingerprint is 5d:67:61:08:a9:d7:01:fd:5e:ae:7e:09:40:ef:c0:3c. + puts "The authenticity of host '#{hostname} (#{ip})' can't be established." + puts "fingerprint is #{fingerprint}." + ui.confirm("Are you sure you want to continue connecting") # will exit 3 on N + # FIXME: this should save the key to known_hosts but doesn't appear to be + config[:ssh_verify_host_key] = :accept_new + connection_opts(reset: true) + retry + end + + raise e rescue Train::Error => e require "net/ssh" if e.cause && e.cause.class == Net::SSH::AuthenticationFailed diff --git a/spec/unit/knife/bootstrap_spec.rb b/spec/unit/knife/bootstrap_spec.rb index e0157b83a5..c45604b7d1 100644 --- a/spec/unit/knife/bootstrap_spec.rb +++ b/spec/unit/knife/bootstrap_spec.rb @@ -1229,7 +1229,7 @@ describe Chef::Knife::Bootstrap do expect(knife.host_verify_opts).to eq( { verify_host_key: false } ) end it "provides a correct default when no option given" do - expect(knife.host_verify_opts).to eq( { verify_host_key: "always"} ) + expect(knife.host_verify_opts).to eq( { verify_host_key: "always" } ) end end end |