From patchwork Fri Feb 3 04:38:37 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Donnellan X-Patchwork-Id: 723393 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3vF40Q52Qcz9s74 for ; Fri, 3 Feb 2017 15:39:50 +1100 (AEDT) Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 3vF40Q4Db9zDqBl for ; Fri, 3 Feb 2017 15:39:50 +1100 (AEDT) X-Original-To: snowpatch@lists.ozlabs.org Delivered-To: snowpatch@lists.ozlabs.org Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 3vF40L4g51zDqBZ for ; Fri, 3 Feb 2017 15:39:46 +1100 (AEDT) Received: from pps.filterd (m0098399.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.20/8.16.0.20) with SMTP id v134cigR008490 for ; Thu, 2 Feb 2017 23:39:43 -0500 Received: from e23smtp02.au.ibm.com (e23smtp02.au.ibm.com [202.81.31.144]) by mx0a-001b2d01.pphosted.com with ESMTP id 28c3wp39vj-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Thu, 02 Feb 2017 23:39:43 -0500 Received: from localhost by e23smtp02.au.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 3 Feb 2017 14:39:41 +1000 Received: from d23dlp01.au.ibm.com (202.81.31.203) by e23smtp02.au.ibm.com (202.81.31.208) with IBM ESMTP SMTP Gateway: Authorized Use Only! 
Violators will be prosecuted; Fri, 3 Feb 2017 14:39:39 +1000 Received: from d23relay08.au.ibm.com (d23relay08.au.ibm.com [9.185.71.33]) by d23dlp01.au.ibm.com (Postfix) with ESMTP id 92C482CE8056 for ; Fri, 3 Feb 2017 15:39:38 +1100 (EST) Received: from d23av05.au.ibm.com (d23av05.au.ibm.com [9.190.234.119]) by d23relay08.au.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id v134dUqo30474288 for ; Fri, 3 Feb 2017 15:39:38 +1100 Received: from d23av05.au.ibm.com (localhost [127.0.0.1]) by d23av05.au.ibm.com (8.14.4/8.14.4/NCO v10.0 AVout) with ESMTP id v134d640001660 for ; Fri, 3 Feb 2017 15:39:06 +1100 Received: from ozlabs.au.ibm.com (ozlabs.au.ibm.com [9.192.253.14]) by d23av05.au.ibm.com (8.14.4/8.14.4/NCO v10.0 AVin) with ESMTP id v134d6RD001111; Fri, 3 Feb 2017 15:39:06 +1100 Received: from ajd.ozlabs.ibm.com (haven.au.ibm.com [9.192.254.114]) (using TLSv1.2 with cipher AES128-SHA256 (128/128 bits)) (No client certificate requested) by ozlabs.au.ibm.com (Postfix) with ESMTPSA id C790BA0105; Fri, 3 Feb 2017 15:38:41 +1100 (AEDT) 
From: Andrew Donnellan To: snowpatch@lists.ozlabs.org Date: Fri, 3 Feb 2017 15:38:37 +1100 X-Mailer: git-send-email 2.11.0 X-TM-AS-MML: disable X-Content-Scanned: Fidelis XPS MAILER x-cbid: 17020304-0004-0000-0000-000001DC7DD2 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 17020304-0005-0000-0000-0000099A0A05 Message-Id: <20170203043837.14426-1-andrew.donnellan@au1.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-02-03_03:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=1 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1612050000 definitions=main-1702030048 Subject: [snowpatch] [PATCH] Replace ssh agent authentication with explicit key X-BeenThere: snowpatch@lists.ozlabs.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Continuous Integration for patch-based workflows List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: snowpatch-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "snowpatch" From: Russell Currey libgit2 has a long-standing obscure bug where it gets in an infinite loop calling ssh-agent. ssh-agent has been a pain point in snowpatch for a while now, so let's just not use it - instead, manually specify public and private keys. This adds the benefit of configuring the user ("git" was hardcoded for GitHub/GitLab previously) as well as passphrase support. Future possibility: support parsing "~/" in the settings file. Signed-off-by: Russell Currey Signed-off-by: Andrew Donnellan --- already merged, for information only --- examples/openpower.toml | 5 +++++ src/git.rs | 15 ++++++++++++++- src/main.rs | 4 ++-- src/settings.rs | 9 +++++++++ 4 files changed, 30 insertions(+), 3 deletions(-) diff --git a/examples/openpower.toml b/examples/openpower.toml index 5c0ba40..d582576 100644 
--- a/examples/openpower.toml +++ b/examples/openpower.toml @@ -14,6 +14,11 @@ # openpower.toml - example configuration file # +[git] +user = "git" +public_key = "/home/ruscur/.ssh/id_rsa.pub" +private_key = "/home/ruscur/.ssh/id_rsa" + [patchwork] url = "https://russell.cc/patchwork" port = 443 #optional diff --git a/src/git.rs b/src/git.rs index 51362b5..e67caac 100644 --- a/src/git.rs +++ b/src/git.rs @@ -14,13 +14,15 @@ // git.rs - snowpatch git functionality // -use git2::{Repository, Commit, Remote, Error, PushOptions}; +use git2::{Repository, Commit, Remote, Error, PushOptions, Cred}; use git2::build::CheckoutBuilder; use std::result::Result; use std::path::Path; use std::process::{Command, Output}; +use settings::Git; + pub static GIT_REF_BASE: &'static str = "refs/heads"; pub fn get_latest_commit(repo: &Repository) -> Commit { @@ -89,6 +91,17 @@ pub fn apply_patch(repo: &Repository, path: &Path) } } +pub fn cred_from_settings(settings: &Git) -> Result { + // We have to convert from Option to Option<&str> + let public_key = settings.public_key.as_ref().map(String::as_ref); + let passphrase = settings.passphrase.as_ref().map(String::as_ref); + + Cred::ssh_key(&settings.user, + public_key, + Path::new(&settings.private_key), + passphrase) +} + #[cfg(test)] mod tests { #[test] diff --git a/src/main.rs b/src/main.rs index af488f3..0913277 100644 --- a/src/main.rs +++ b/src/main.rs @@ -31,7 +31,7 @@ extern crate url; extern crate log; extern crate env_logger; -use git2::{Cred, BranchType, RemoteCallbacks, PushOptions}; +use git2::{BranchType, RemoteCallbacks, PushOptions}; use hyper::Client; use hyper::client::ProxyConfig; @@ -155,7 +155,7 @@ fn test_patch(settings: &Config, client: &Arc, project: &Project, path: let mut push_callbacks = RemoteCallbacks::new(); push_callbacks.credentials(|_, _, _| { - Cred::ssh_key_from_agent("git") + git::cred_from_settings(&settings.git) }); let mut push_opts = PushOptions::new(); 
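Review bot: The new `[git]` table in the example does not show which keys are optional, although the file already marks optional keys that way (`port = 443 #optional`). Judging by the `Option` fields added to `src/settings.rs` in this patch, `public_key` is optional and a `passphrase` key is accepted but not shown. I would write `public_key = "/home/ruscur/.ssh/id_rsa.pub" #optional` and add a commented-out `#passphrase = "..." #optional` line. The example also points at a personal default key, so a comment such as `# use a dedicated key that can only push to the test remote` would steer operators toward a narrower credential.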
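Review bot: `cred_from_settings` takes the key passphrase straight from `settings.passphrase`, so the passphrase sits in clear text in the same TOML file that names the private key. Nothing in this function or in the `Git` struct in `src/settings.rs` tells the operator so. A doc comment on the function should say it, e.g. `/// Builds an SSH key credential from the [git] settings; the passphrase is read in clear text from the settings file, so that file must be readable only by the snowpatch user.` The inline comment is also slightly off for `public_key`: as far as I can tell `Cred::ssh_key` takes the public key as an optional path rather than a string slice, so `// Borrow the optional Strings as the reference types Cred::ssh_key expects` would be more accurate.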
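Review bot: The credentials closure in `test_patch` ignores all three arguments (`|_, _, _|`) and hands back the same key on every call, so nothing limits how often it can be asked. libgit2 generally calls the callback again after the server rejects a credential, so a wrong key or passphrase in `[git]` could plausibly recreate the endless retry this patch is meant to remove. Counting the attempts and returning an error on the second call would bound it, and the allowed-credential-types argument is worth checking before an SSH key is offered. `test_patch` starts and ends outside this hunk, so the placement of the counter below is a suggestion.

```rust
// … unchanged: let mut push_callbacks = RemoteCallbacks::new(); …
let mut cred_attempts = 0;
push_callbacks.credentials(|_, _, _| {
    cred_attempts += 1;
    if cred_attempts > 1 {
        // The configured key was already offered once and rejected; stop retrying.
        return Err(git2::Error::from_str("SSH key from [git] settings was rejected"));
    }
    git::cred_from_settings(&settings.git)
});
// … unchanged: push_opts setup …
```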
diff --git a/src/settings.rs b/src/settings.rs index 4e91244..2d30e7c 100644 --- a/src/settings.rs +++ b/src/settings.rs @@ -28,6 +28,14 @@ use std::collections::BTreeMap; // TODO: Give more informative error messages when we fail to parse. #[derive(RustcDecodable, Clone)] +pub struct Git { + pub user: String, + pub public_key: Option, + pub private_key: String, + pub passphrase: Option +} + +#[derive(RustcDecodable, Clone)] pub struct Patchwork { pub url: String, pub port: Option, @@ -65,6 +73,7 @@ impl Project { #[derive(RustcDecodable, Clone)] pub struct Config { + pub git: Git, pub patchwork: Patchwork, pub jenkins: Jenkins, pub projects: BTreeMap
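Review bot: The fields of the new `Git` struct carry no doc comments, and nothing checks `private_key` when the settings are loaded. A mistyped or `~/`-relative path (the commit message says `~/` is not expanded) would presumably surface only when the push callback runs at the end of a test run. I would document each field, e.g. `/// Path to the SSH private key; must be absolute, "~/" is not expanded.` and `/// Passphrase for private_key, stored in clear text; omit for an unencrypted key.`, and consider a load-time check that the key file exists.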
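Review bot: `pub git: Git` is added to `Config` as a required field, so an existing settings file with no `[git]` table will most likely fail to decode after this change. The TODO at the top of this file section notes that parse failures are not reported informatively, which makes that failure hard to diagnose. If the break is intended, the upgrade step belongs in the README or release notes; otherwise `pub git: Option<Git>` with a clear error at push time would keep old files loading. The `Config` struct continues past the end of the hunk.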