From 001f7f04cb99807fbacbc498160dc20b39e9292f Mon Sep 17 00:00:00 2001 From: antonag32 Date: Tue, 16 Jan 2024 14:43:31 -0600 Subject: [PATCH] [FIX] t2d: add ssh key to authorized_keys Since /home/odoo/.ssh is marked as a volume in the parent image, changes to files in the directory during docker build are being lost when a new container is created. Therefore the authorized_keys file is set directly on the host and copied over to the container. Closes #211. --- .../templates/Dockerfile_deployv | 1 - src/travis2docker/templates/build.sh | 20 ---------------- src/travis2docker/travis2docker.py | 23 +++++++++++++++++++ 3 files changed, 23 insertions(+), 21 deletions(-) diff --git a/src/travis2docker/templates/Dockerfile_deployv b/src/travis2docker/templates/Dockerfile_deployv index 809d862..335a225 100644 --- a/src/travis2docker/templates/Dockerfile_deployv +++ b/src/travis2docker/templates/Dockerfile_deployv @@ -34,7 +34,6 @@ RUN . /home/odoo/build.sh && \ configure_vim && \ configure_zsh && \ chown_all && \ - set_authorized_keys && \ mv /entrypoint_image /deployv_entrypoint_image && \ mv /entry_point.py /deployv_entry_point.py && \ mkdir /run/sshd diff --git a/src/travis2docker/templates/build.sh b/src/travis2docker/templates/build.sh index c2ac5e3..3306286 100644 --- a/src/travis2docker/templates/build.sh +++ b/src/travis2docker/templates/build.sh @@ -55,26 +55,6 @@ EOF # alias odoo } -set_authorized_keys(){ - YELLOW='\033[0;33m' - NC='\033[0m' - - AUTH_FILE="${HOME}/.ssh/authorized_keys" - ED_KEY="${HOME}/.ssh/id_ed25519.pub" - RSA_KEY="${HOME}/.ssh/id_rsa.pub" - - echo "INFO: Adding public key to ~/.ssh/authorized_keys" - if [ -f "${ED_KEY}" ]; then - tee -a "${AUTH_FILE}" < "${ED_KEY}" - elif [ -f "${RSA_KEY}" ]; then - printf "${YELLOW}WARNING: RSA keys are deprecated, consider changing to ed25519\n${NC}" - tee -a "${AUTH_FILE}" < "${RSA_KEY}" - else - echo "INFO: No public key found. No key added to ~/.ssh/authorized_keys" - fi -} - - # You can add new packages here install_dev_tools(){ apt update -qq diff --git a/src/travis2docker/travis2docker.py b/src/travis2docker/travis2docker.py index 5717fb6..d653b25 100644 --- a/src/travis2docker/travis2docker.py +++ b/src/travis2docker/travis2docker.py @@ -306,6 +306,7 @@ def compute_dockerfile(self, skip_after_success=False): copies = [] for copy_path, dest in self.copy_paths: copies.append((self.copy_path(copy_path), dest)) + self.set_authorized_key() kwargs = { 'runs': [], 'copies': copies, @@ -381,3 +382,25 @@ def copy_path(self, path): else: raise UserWarning("Just directory or file is supported to copy [%s]" % src) return os.path.relpath(dest_path, self.curr_work_path) + + def set_authorized_key(self): + ssh_dir = os.path.expanduser("~/.ssh") + ed_key = os.path.join(ssh_dir, "id_ed25519.pub") + rsa_key = os.path.join(ssh_dir, "id_rsa.pub") + + to_copy = False + if os.path.isfile(ed_key): + to_copy = ed_key + elif os.path.isfile(rsa_key): + print("RSA keys are deprecated, consider changing to ed25519") + to_copy = rsa_key + + if not to_copy: + print("No public key found. No key added to ~/.ssh/authorized_keys. SSH login won't work.") + return + + with open(to_copy, "r", encoding="utf-8") as key_fd: + pub_key = key_fd.read() + + with open(os.path.join(self.curr_work_path, ".ssh", "authorized_keys"), "w", encoding="utf-8") as auth_fd: + auth_fd.write(pub_key)