ssh client, to use with ci

main
Ricard Illa 2022-09-13 10:29:37 +02:00
parent 7f98752cb9
commit 3f98947d29
No known key found for this signature in database
GPG Key ID: F69A672B72E54902
3 changed files with 88 additions and 0 deletions

8
ssh-ci/Dockerfile Normal file
View File

@ -0,0 +1,8 @@
FROM alpine:3.16
COPY entrypoint.sh /entrypoint
RUN chmod +x /entrypoint && \
apk add --no-cache openssh-client
ENTRYPOINT ["/entrypoint"]

19
ssh-ci/Makefile Normal file
View File

@ -0,0 +1,19 @@
IMG_NAME=rsync
REGISTRY=registry.monotremata.xyz
IMG=$(REGISTRY)/$(IMG_NAME)
PLATFORMS=linux/amd64,linux/arm64
.PHONY: build push buildx
build: Dockerfile entrypoint.sh
docker build -t $(IMG) .
push: build
docker image push $(IMG)
buildx: Dockerfile entrypoint.sh
docker buildx build \
--platform $(PLATFORMS) \
--tag $(IMG) \
--push \
.

61
ssh-ci/entrypoint.sh Normal file
View File

@ -0,0 +1,61 @@
#!/bin/sh
set -e
# check settings
HOST="${HOST:-${PLUGIN_HOST}}"
if [ -z "$HOST" ]; then
echo "'host' must be specified"
exit 1
fi
USER="${USER:-${PLUGIN_USER:-root}}"
PORT="${PORT:-${PLUGIN_PORT:-22}}"
SSH_KEY="${SSH_KEY:-${PLUGIN_KEY}}"
if [ -z "$SSH_KEY" ]; then
echo "ssh_key must be specified"
exit 1
fi
SSH_KEY_CERT="${SSH_KEY_CERT:-${PLUGIN_KEY_CERT}}"
KNOWN_HOSTS="${KNOWN_HOSTS:=${PLUGIN_KNOWN_HOSTS}}"
COMMANDS="${COMMANDS:-${PLUGIN_COMMANDS}}"
if [ -z "$COMMANDS" ]; then
echo "specify at least one command to run"
exit 1
fi
ARGS=${ARGS:-${PLUGIN_ARGS}}
# prepare SSH
mkdir -p "$HOME/.ssh"
keyfile="$HOME/.ssh/user_key"
echo "$SSH_KEY" > "$keyfile"
chmod 0600 "$keyfile"
echo 'Host *' > "$HOME/.ssh/config"
echo " IdentityFile $keyfile" >> "$HOME/.ssh/config"
if [ -n "${SSH_KEY_CERT}" ]; then
certfile="$HOME/.ssh/user_key-cert.pub"
echo "${SSH_KEY_CERT}" > "$certfile"
echo " CertificateFile $certfile" >> "$HOME/.ssh/config"
fi
known_hosts_file="${HOME}/.ssh/known_hosts"
[ -n "${KNOWN_HOSTS}" ] && echo "${KNOWN_HOSTS}" >> "$known_hosts_file"
[ -f "${known_hosts_file}" ] && chmod 0600 "$known_hosts_file"
# run commands
IFS=","
for COMMAND in $COMMANDS; do
echo "running '$COMMAND' remotely"
# shellcheck disable=SC2086,SC2029
ssh -p "${PORT}" $ARGS "$USER"@"${HOST}" "$COMMAND"
done