Skip to content
This repository has been archived by the owner on Nov 1, 2022. It is now read-only.

Retry SSH keyscan command #1971

Merged
merged 5 commits into from
Apr 24, 2019
Merged

Retry SSH keyscan command #1971

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
7844e7a
Retry SSH keyscan command
stefanprodan Apr 24, 2019
4b44ef9
Combine SSH generate and verify known hosts
stefanprodan Apr 24, 2019
00a5a41
Retry known hosts validation
stefanprodan Apr 24, 2019
4421eee
Exit without waiting on ssh-keyscan max retry
hiddeco Apr 24, 2019
63b8c92
Remove duplicate code
stefanprodan Apr 24, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,8 +69,8 @@ build/.%.done: docker/Dockerfile.%
-f build/docker/$*/Dockerfile.$* ./build/docker/$*
touch $@

build/.flux.done: build/fluxd build/kubectl docker/ssh_config docker/kubeconfig docker/verify_known_hosts.sh
build/.helm-operator.done: build/helm-operator build/kubectl build/helm docker/ssh_config docker/verify_known_hosts.sh docker/helm-repositories.yaml
build/.flux.done: build/fluxd build/kubectl docker/ssh_config docker/kubeconfig docker/verify_known_hosts.sh docker/known_hosts.sh
build/.helm-operator.done: build/helm-operator build/kubectl build/helm docker/ssh_config docker/verify_known_hosts.sh docker/known_hosts.sh docker/helm-repositories.yaml

build/fluxd: $(FLUXD_DEPS)
build/fluxd: cmd/fluxd/*.go
Expand Down
7 changes: 4 additions & 3 deletions docker/Dockerfile.flux
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,10 @@ RUN apk add --no-cache openssh ca-certificates tini 'git>=2.3.0' gnupg
# Add git hosts to known hosts file so we can use
# StrickHostKeyChecking with git+ssh
ADD ./verify_known_hosts.sh /home/flux/verify_known_hosts.sh
RUN ssh-keyscan github.com gitlab.com bitbucket.org ssh.dev.azure.com vs-ssh.visualstudio.com >> /etc/ssh/ssh_known_hosts && \
sh /home/flux/verify_known_hosts.sh /etc/ssh/ssh_known_hosts && \
rm /home/flux/verify_known_hosts.sh
ADD ./known_hosts.sh /home/flux/known_hosts.sh
RUN sh /home/flux/known_hosts.sh /etc/ssh/ssh_known_hosts && \
rm /home/flux/verify_known_hosts.sh && \
rm /home/flux/known_hosts.sh

# Add default SSH config, which points at the private key we'll mount
COPY ./ssh_config /etc/ssh/ssh_config
Expand Down
7 changes: 4 additions & 3 deletions docker/Dockerfile.helm-operator
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,10 @@ RUN apk add --no-cache openssh ca-certificates tini 'git>=2.3.0'
# Add git hosts to known hosts file so we can use
# StrickHostKeyChecking with git+ssh
ADD ./verify_known_hosts.sh /home/flux/verify_known_hosts.sh
RUN ssh-keyscan github.com gitlab.com bitbucket.org ssh.dev.azure.com vs-ssh.visualstudio.com >> /etc/ssh/ssh_known_hosts && \
sh /home/flux/verify_known_hosts.sh /etc/ssh/ssh_known_hosts && \
rm /home/flux/verify_known_hosts.sh
ADD ./known_hosts.sh /home/flux/known_hosts.sh
RUN sh /home/flux/known_hosts.sh /etc/ssh/ssh_known_hosts && \
rm /home/flux/verify_known_hosts.sh && \
rm /home/flux/known_hosts.sh

# Add default SSH config, which points at the private key we'll mount
COPY ./ssh_config /etc/ssh/ssh_config
Expand Down
20 changes: 20 additions & 0 deletions docker/known_hosts.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
#!/bin/sh

set -eu

known_hosts_file=${1}
known_hosts_file=${known_hosts_file:-/etc/ssh/ssh_known_hosts}

retries=10
count=0
ok=false
until ${ok}; do
ssh-keyscan github.com gitlab.com bitbucket.org ssh.dev.azure.com vs-ssh.visualstudio.com >> ${known_hosts_file} && \
sh /home/flux/verify_known_hosts.sh ${known_hosts_file} && ok=true || ok=false
sleep 2
count=$(($count + 1))
if [[ ${count} -eq ${retries} ]]; then
echo "No more retries left"
exit 1
fi
done