From 48afa84e11637447f8b7f7dd67b57fbbd0ddb99d Mon Sep 17 00:00:00 2001
From: Egor Tensin <Egor.Tensin@gmail.com>
Date: Sat, 31 Jul 2021 18:54:38 +0300
Subject: test/integration/docker: generate new SSH keys every time

---
 test/integration/docker/test.sh | 37 +++++++++++++++++++++++++++++++++----
 1 file changed, 33 insertions(+), 4 deletions(-)

(limited to 'test/integration/docker/test.sh')

diff --git a/test/integration/docker/test.sh b/test/integration/docker/test.sh
index 7c76298..7948be0 100755
--- a/test/integration/docker/test.sh
+++ b/test/integration/docker/test.sh
@@ -8,6 +8,9 @@ readonly script_dir
 script_name="$( basename -- "${BASH_SOURCE[0]}" )"
 readonly script_name
 
+readonly ssh_dir="$script_dir/ssh"
+readonly client_key_password='password'
+
 dump() {
     local prefix="${FUNCNAME[0]}"
     [ "${#FUNCNAME[@]}" -gt 1 ] && prefix="${FUNCNAME[1]}"
@@ -18,6 +21,32 @@ dump() {
     done
 }
 
+cleanup() {
+    echo
+    echo ----------------------------------------------------------------------
+    echo Cleaning up
+    echo ----------------------------------------------------------------------
+
+    remove_ssh_keys
+    kill_ssh_agent
+}
+
+generate_ssh_keys() {
+    echo
+    echo ----------------------------------------------------------------------
+    echo Generating SSH keys
+    echo ----------------------------------------------------------------------
+
+    mkdir -p -- "$ssh_dir"
+
+    ssh-keygen -t rsa -b 4096 -f "$ssh_dir/client_key" -N "$client_key_password"
+    ssh-keygen -t rsa -b 4096 -f "$ssh_dir/server_key" -N ''
+}
+
+remove_ssh_keys() {
+    rm -rf -- "$ssh_dir"
+}
+
 kill_ssh_agent() {
     [ -n "${SSH_AGENT_PID:+x}" ] || return 0
     dump "killing ssh-agent with PID $SSH_AGENT_PID"
@@ -37,7 +66,6 @@ spawn_ssh_agent() {
         dump "could not start ssh-agent" >&2
         return 1
     fi
-    trap kill_ssh_agent EXIT
 }
 
 setup_ssh_agent() {
@@ -48,9 +76,8 @@ setup_ssh_agent() {
 
     spawn_ssh_agent
 
-    local key='ssh/client_key'
+    local key="$ssh_dir/client_key"
     chmod 0600 -- "$key"
-    local password='password'
 
     local askpass_path
     askpass_path="$( mktemp --tmpdir="$script_dir" )"
@@ -62,7 +89,7 @@ setup_ssh_agent() {
     chmod 0700 -- "$askpass_path"
 
     local echo_password
-    echo_password="$( printf -- 'echo %q' "$password" )"
+    echo_password="$( printf -- 'echo %q' "$client_key_password" )"
     echo "$echo_password" > "$askpass_path"
 
     SSH_ASKPASS="$askpass_path" SSH_ASKPASS_REQUIRE=force DISPLAY= ssh-add "$key" > /dev/null 2>&1 < /dev/null
@@ -78,6 +105,7 @@ docker_build() {
 }
 
 setup() {
+    generate_ssh_keys
     setup_ssh_agent
     docker_build
 }
@@ -122,6 +150,7 @@ verify() {
 }
 
 main() {
+    trap cleanup EXIT
     pushd -- "$script_dir" > /dev/null
     setup
     run
-- 
cgit v1.2.3