Automatically add each new host to ~/.ssh/known_hosts

This commit is contained in:
Alex Dergachev 2014-11-18 19:02:29 +00:00
parent aefe8918d9
commit 66a196844a
2 changed files with 33 additions and 8 deletions

View File

@ -1,7 +1,9 @@
redmine_repository_fetch redmine_repository_fetch
======================== ========================
Redmine plugin to automatically clone and fetch referenced repositories Redmine plugin to automatically clone and fetch referenced repositories.
## Installation
Currently the plugin hardcodes this config, change it for your use-case: Currently the plugin hardcodes this config, change it for your use-case:
@ -9,20 +11,26 @@ Currently the plugin hardcodes this config, change it for your use-case:
PATTERNS = [ PATTERNS = [
{ :pattern => "/redmine_git_fetch/github.com/", { :pattern => "/redmine_git_fetch/github.com/",
:uri_prefix => "git@github.com:", :uri_prefix => "git@github.com:",
:host => "github.com",
:key => "/home/redmine/data/keys/id_rsa" :key => "/home/redmine/data/keys/id_rsa"
}, },
{ :pattern => "/redmine_git_fetch/gitlab.com/", { :pattern => "/redmine_git_fetch/gitlab.com/",
:uri_prefix => "git@gitlab.com:", :uri_prefix => "git@gitlab.com:",
:host => "gitlab.com",
:key => "/home/redmine/data/keys/id_rsa" :key => "/home/redmine/data/keys/id_rsa"
}, },
{ :pattern => "/redmine_git_fetch/git.ewdev.ca/", { :pattern => "/redmine_git_fetch/git.ewdev.ca/",
:uri_prefix => "git@git.ewdev.ca:", :uri_prefix => "git@git.ewdev.ca:",
:host => "git.ewdev.ca",
:key => "/home/redmine/data/keys/id_rsa" :key => "/home/redmine/data/keys/id_rsa"
} }
] ]
``` ```
Once you have it setup, do the following: Be sure to populate the appropriate keys for your redmine user (www-data, redmine, etc),
either in `~/.ssh` or in the place specified by the `PATTERNS[x][:key]` property.
## Usage
Add `/redmine_git_fetch/github.com/evolvingweb/sitediff.git` to a repo. The Add `/redmine_git_fetch/github.com/evolvingweb/sitediff.git` to a repo. The
plugin will automatically detect the prefix `/redmine_git_fetch/github.com/` plugin will automatically detect the prefix `/redmine_git_fetch/github.com/`
@ -34,7 +42,7 @@ Note that `/redmine_git_fetch` folder will get auto-created.
The plugin currently doesn't fetch any repos outside its purview. The plugin currently doesn't fetch any repos outside its purview.
It also needs to be run as follows: It also needs to be run as follows, probably from cron:
``` ```
bundle exec rails runner "RepositoryFetch.fetch" -e production bundle exec rails runner "RepositoryFetch.fetch" -e production

View File

@ -7,14 +7,17 @@ module RepositoryFetch
PATTERNS = [ PATTERNS = [
{ :pattern => "/redmine_git_fetch/github.com/", { :pattern => "/redmine_git_fetch/github.com/",
:uri_prefix => "git@github.com:", :uri_prefix => "git@github.com:",
:host => "github.com",
:key => "/home/redmine/data/keys/id_rsa" :key => "/home/redmine/data/keys/id_rsa"
}, },
{ :pattern => "/redmine_git_fetch/gitlab.com/", { :pattern => "/redmine_git_fetch/gitlab.com/",
:uri_prefix => "git@gitlab.com:", :uri_prefix => "git@gitlab.com:",
:host => "gitlab.com",
:key => "/home/redmine/data/keys/id_rsa" :key => "/home/redmine/data/keys/id_rsa"
}, },
{ :pattern => "/redmine_git_fetch/git.ewdev.ca/", { :pattern => "/redmine_git_fetch/git.ewdev.ca/",
:uri_prefix => "git@git.ewdev.ca:", :uri_prefix => "git@git.ewdev.ca:",
:host => "git.ewdev.ca",
:key => "/home/redmine/data/keys/id_rsa" :key => "/home/redmine/data/keys/id_rsa"
} }
] ]
@ -33,15 +36,17 @@ module RepositoryFetch
return return
end end
add_known_host(p[:host])
# If dir exists and non-empty, should be safe to 'git fetch' # If dir exists and non-empty, should be safe to 'git fetch'
if Dir.exists?(path) && Dir.entries(path) != [".", ".."] if Dir.exists?(path) && Dir.entries(path) != [".", ".."]
puts "Running git fetch on #{path}" puts "Running git fetch on #{path}"
puts self.exec_with_key "git -C #{path} fetch --all", p[:key] puts exec_with_key "git -C #{path} fetch --all", p[:key]
else else
# try cloning the repo # try cloning the repo
url = path.sub( p[:pattern], p[:uri_prefix]) url = path.sub( p[:pattern], p[:uri_prefix])
puts "Matched new URL, trying to clone: " + url puts "Matched new URL, trying to clone: " + url
puts self.exec_with_key "git clone --mirror #{url} #{path}", p[:key] puts exec_with_key "git clone --mirror #{url} #{path}", p[:key]
end end
end end
@ -52,11 +57,23 @@ module RepositoryFetch
def self.fetch def self.fetch
Project.active.has_module(:repository).all.each do |project| Project.active.has_module(:repository).all.each do |project|
project.repositories.each do |repository| project.repositories.each do |repository|
self.clone_or_fetch(repository) clone_or_fetch(repository)
end end
end end
end end
class Fetcher # Checks if host is in ~/.ssh/known_hosts, adds it if not present
def self.add_known_host(host)
# if not found...
if `ssh-keygen -F #{host} | grep 'found'` == ""
# hack to work with 'docker exec' where HOME isn't set (or set to /)
ssh_known_hosts = (ENV['HOME'] == "/" or ENV['HOME'] == nil ? "/root" : ENV['HOME']) + "/.ssh/known_hosts"
puts "Authorizing #{host}"
puts `ssh-keyscan #{host} >> #{ssh_known_hosts}`
end
end
class Fetch
end end
end end