From 9dec0d4a26515bc628322f92591347447e5dfacf Mon Sep 17 00:00:00 2001 From: Brad Rydzewski Date: Thu, 11 Dec 2014 14:30:15 -0800 Subject: [PATCH] Revert "Move id_rsa outside docker build #PR1" --- shared/build/build.go | 20 ++++++++++++++++++-- shared/build/build_test.go | 22 ++++++++++++++++++++-- shared/build/buildfile/buildfile.go | 13 ------------- shared/build/buildfile/buildfile_test.go | 7 ------- 4 files changed, 38 insertions(+), 24 deletions(-) diff --git a/shared/build/build.go b/shared/build/build.go index 1af2f01bd..be94904b5 100644 --- a/shared/build/build.go +++ b/shared/build/build.go @@ -218,6 +218,10 @@ func (b *Builder) setup() error { b.services = append(b.services, info) } + if err := b.writeIdentifyFile(dir); err != nil { + return err + } + if err := b.writeBuildScript(dir); err != nil { return err } @@ -451,8 +455,11 @@ func (b *Builder) writeDockerfile(dir string) error { dockerfile.WriteEnv("LOGNAME", "ubuntu") dockerfile.WriteEnv("TERM", "xterm") dockerfile.WriteEnv("SHELL", "/bin/bash") + dockerfile.WriteAdd("id_rsa", "/home/ubuntu/.ssh/id_rsa") + dockerfile.WriteRun("sudo chown -R ubuntu:ubuntu /home/ubuntu/.ssh") dockerfile.WriteRun("sudo chown -R ubuntu:ubuntu /var/cache/drone") dockerfile.WriteRun("sudo chown -R ubuntu:ubuntu /usr/local/bin/drone") + dockerfile.WriteRun("sudo chmod 600 /home/ubuntu/.ssh/id_rsa") default: // all other images are assumed to use // the root user. @@ -464,6 +471,9 @@ func (b *Builder) writeDockerfile(dir string) error { dockerfile.WriteEnv("TERM", "xterm") dockerfile.WriteEnv("SHELL", "/bin/bash") dockerfile.WriteEnv("GOPATH", "/var/cache/drone") + dockerfile.WriteAdd("id_rsa", "/root/.ssh/id_rsa") + dockerfile.WriteRun("chmod 600 /root/.ssh/id_rsa") + dockerfile.WriteRun("echo 'StrictHostKeyChecking no' > /root/.ssh/config") } dockerfile.WriteAdd("proxy.sh", "/etc/drone.d/") @@ -502,8 +512,6 @@ func (b *Builder) writeBuildScript(dir string) error { f.WriteHost(mapping) } - f.WriteFile("$HOME/.ssh/id_rsa", b.Key, 600) - // if the repository is remote then we should // add the commands to the build script to // clone the repository @@ -546,3 +554,11 @@ func (b *Builder) writeProxyScript(dir string) error { proxyfilePath := filepath.Join(dir, "proxy.sh") return ioutil.WriteFile(proxyfilePath, proxyfile.Bytes(), 0755) } + +// writeIdentifyFile is a helper function that +// will generate the id_rsa file in the builder's +// temp directory to be added to the Image. +func (b *Builder) writeIdentifyFile(dir string) error { + keyfilePath := filepath.Join(dir, "id_rsa") + return ioutil.WriteFile(keyfilePath, b.Key, 0700) +} diff --git a/shared/build/build_test.go b/shared/build/build_test.go index 25eee4a15..bf05a3550 100644 --- a/shared/build/build_test.go +++ b/shared/build/build_test.go @@ -477,6 +477,26 @@ func TestRunErrorWait(t *testing.T) { t.Skip() } +func TestWriteIdentifyFile(t *testing.T) { + // temporary directory to store file + dir, _ := ioutil.TempDir("", "drone-test-") + defer os.RemoveAll(dir) + + b := Builder{} + b.Key = []byte("ssh-rsa AAA...") + b.writeIdentifyFile(dir) + + // persist a dummy id_rsa keyfile to disk + keyfile, err := ioutil.ReadFile(filepath.Join(dir, "id_rsa")) + if err != nil { + t.Errorf("Expected id_rsa file saved to disk") + } + + if string(keyfile) != string(b.Key) { + t.Errorf("Expected id_rsa value saved as %s, got %s", b.Key, keyfile) + } +} + func TestWriteProxyScript(t *testing.T) { // temporary directory to store file dir, _ := ioutil.TempDir("", "drone-test-") @@ -521,7 +541,6 @@ func TestWriteBuildScript(t *testing.T) { b := Builder{} b.Build = &script.Build{ Hosts: []string{"127.0.0.1"}} - b.Key = []byte("ssh-rsa AAA...") b.Repo = &repo.Repo{ Path: "git://github.com/drone/drone.git", Branch: "master", @@ -551,7 +570,6 @@ func TestWriteBuildScript(t *testing.T) { f.WriteEnv("CI_BRANCH", "master") f.WriteEnv("CI_PULL_REQUEST", "123") f.WriteHost("127.0.0.1") - f.WriteFile("$HOME/.ssh/id_rsa", []byte("ssh-rsa AAA..."), 600) f.WriteCmd("git clone --depth=0 --recursive git://github.com/drone/drone.git /var/cache/drone/github.com/drone/drone") f.WriteCmd("git fetch origin +refs/pull/123/head:refs/remotes/origin/pr/123") f.WriteCmd("git checkout -qf -b pr/123 origin/pr/123") diff --git a/shared/build/buildfile/buildfile.go b/shared/build/buildfile/buildfile.go index 519356216..c08463808 100644 --- a/shared/build/buildfile/buildfile.go +++ b/shared/build/buildfile/buildfile.go @@ -52,12 +52,6 @@ func (b *Buildfile) WriteHost(mapping string) { b.WriteCmdSilent(fmt.Sprintf("[ -f /usr/bin/sudo ] && echo %q | sudo tee -a /etc/hosts", mapping)) } -// WriteFile add files as part of the script. -func (b *Buildfile) WriteFile(path string, file []byte, i int) { - b.WriteString(fmt.Sprintf("echo %q | tee %s > /dev/null\n", string(file), path)) - b.WriteCmdSilent(fmt.Sprintf("chmod %d %s", i, path)) -} - // every build script starts with the following // code at the start. var base = ` @@ -76,13 +70,6 @@ if [ -d /etc/drone.d ]; then unset i fi -if [ ! -d $HOME/.ssh ]; then - mkdir -p $HOME/.ssh -fi - -chmod 0700 $HOME/.ssh -echo 'StrictHostKeyChecking no' | tee $HOME/.ssh/config > /dev/null - # be sure to exit on error and print out # our bash commands, so we can which commands # are executing and troubleshoot failures. diff --git a/shared/build/buildfile/buildfile_test.go b/shared/build/buildfile/buildfile_test.go index a9fa2dd50..f9e0e942f 100644 --- a/shared/build/buildfile/buildfile_test.go +++ b/shared/build/buildfile/buildfile_test.go @@ -46,11 +46,4 @@ func TestWrite(t *testing.T) { if got != want { t.Errorf("Exepected WriteHost returned %s, got %s", want, got) } - - f = &Buildfile{} - f.WriteFile("$HOME/.ssh/id_rsa", []byte("ssh-rsa AAA..."), 600) - got, want = f.String(), "echo \"ssh-rsa AAA...\" | tee $HOME/.ssh/id_rsa > /dev/null\nchmod 600 $HOME/.ssh/id_rsa\n" - if got != want { - t.Errorf("Exepected WriteFile returned \n%s, \ngot\n%s", want, got) - } }