From 3f98947d292c2856a27acac0f3e39f1461e7364d Mon Sep 17 00:00:00 2001 From: Ricard Illa Date: Tue, 13 Sep 2022 10:29:37 +0200 Subject: [PATCH] ssh client, to use with ci --- ssh-ci/Dockerfile | 8 ++++++ ssh-ci/Makefile | 19 ++++++++++++++ ssh-ci/entrypoint.sh | 61 ++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 88 insertions(+) create mode 100644 ssh-ci/Dockerfile create mode 100644 ssh-ci/Makefile create mode 100644 ssh-ci/entrypoint.sh diff --git a/ssh-ci/Dockerfile b/ssh-ci/Dockerfile new file mode 100644 index 0000000..fddd68b --- /dev/null +++ b/ssh-ci/Dockerfile @@ -0,0 +1,8 @@ +FROM alpine:3.16 + +COPY entrypoint.sh /entrypoint + +RUN chmod +x /entrypoint && \ + apk add --no-cache openssh-client + +ENTRYPOINT ["/entrypoint"] diff --git a/ssh-ci/Makefile b/ssh-ci/Makefile new file mode 100644 index 0000000..5b2f684 --- /dev/null +++ b/ssh-ci/Makefile @@ -0,0 +1,19 @@ +IMG_NAME=rsync +REGISTRY=registry.monotremata.xyz +IMG=$(REGISTRY)/$(IMG_NAME) +PLATFORMS=linux/amd64,linux/arm64 + +.PHONY: build push buildx + +build: Dockerfile entrypoint.sh + docker build -t $(IMG) . + +push: build + docker image push $(IMG) + +buildx: Dockerfile entrypoint.sh + docker buildx build \ + --platform $(PLATFORMS) \ + --tag $(IMG) \ + --push \ + . diff --git a/ssh-ci/entrypoint.sh b/ssh-ci/entrypoint.sh new file mode 100644 index 0000000..3302ca6 --- /dev/null +++ b/ssh-ci/entrypoint.sh @@ -0,0 +1,61 @@ +#!/bin/sh + +set -e + +# check settings + +HOST="${HOST:-${PLUGIN_HOST}}" +if [ -z "$HOST" ]; then + echo "'host' must be specified" + exit 1 +fi + +USER="${USER:-${PLUGIN_USER:-root}}" +PORT="${PORT:-${PLUGIN_PORT:-22}}" + +SSH_KEY="${SSH_KEY:-${PLUGIN_KEY}}" +if [ -z "$SSH_KEY" ]; then + echo "ssh_key must be specified" + exit 1 +fi + +SSH_KEY_CERT="${SSH_KEY_CERT:-${PLUGIN_KEY_CERT}}" + +KNOWN_HOSTS="${KNOWN_HOSTS:=${PLUGIN_KNOWN_HOSTS}}" + +COMMANDS="${COMMANDS:-${PLUGIN_COMMANDS}}" +if [ -z "$COMMANDS" ]; then + echo "specify at least one command to run" + exit 1 +fi + +ARGS=${ARGS:-${PLUGIN_ARGS}} + +# prepare SSH + +mkdir -p "$HOME/.ssh" +keyfile="$HOME/.ssh/user_key" +echo "$SSH_KEY" > "$keyfile" +chmod 0600 "$keyfile" + +echo 'Host *' > "$HOME/.ssh/config" +echo " IdentityFile $keyfile" >> "$HOME/.ssh/config" + +if [ -n "${SSH_KEY_CERT}" ]; then + certfile="$HOME/.ssh/user_key-cert.pub" + echo "${SSH_KEY_CERT}" > "$certfile" + echo " CertificateFile $certfile" >> "$HOME/.ssh/config" +fi + +known_hosts_file="${HOME}/.ssh/known_hosts" +[ -n "${KNOWN_HOSTS}" ] && echo "${KNOWN_HOSTS}" >> "$known_hosts_file" +[ -f "${known_hosts_file}" ] && chmod 0600 "$known_hosts_file" + +# run commands + +IFS="," +for COMMAND in $COMMANDS; do + echo "running '$COMMAND' remotely" + # shellcheck disable=SC2086,SC2029 + ssh -p "${PORT}" $ARGS "$USER"@"${HOST}" "$COMMAND" +done