From 48afa84e11637447f8b7f7dd67b57fbbd0ddb99d Mon Sep 17 00:00:00 2001 From: Egor Tensin Date: Sat, 31 Jul 2021 18:54:38 +0300 Subject: test/integration/docker: generate new SSH keys every time --- test/integration/docker/ssh/client_key | 8 ------- test/integration/docker/ssh/client_key.pub | 1 - test/integration/docker/ssh/server_key | 7 ------ test/integration/docker/ssh/server_key.pub | 1 - test/integration/docker/test.sh | 37 ++++++++++++++++++++++++++---- 5 files changed, 33 insertions(+), 21 deletions(-) delete mode 100644 test/integration/docker/ssh/client_key delete mode 100644 test/integration/docker/ssh/client_key.pub delete mode 100644 test/integration/docker/ssh/server_key delete mode 100644 test/integration/docker/ssh/server_key.pub (limited to 'test') diff --git a/test/integration/docker/ssh/client_key b/test/integration/docker/ssh/client_key deleted file mode 100644 index 7502c82..0000000 --- a/test/integration/docker/ssh/client_key +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN OPENSSH PRIVATE KEY----- -b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABC0VWjnPC -6+rVnkkogRW2onAAAAZAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIDkpIMideN05ni89 -cmRjdbff6fj4qyukThD2X/gINlVMAAAAkOVOKvBjvIbIoc9JA2q8ui62PqP6dQwwsR94Vr -/czMBQah5jFKdH9vDiI2JLaGjoH4VvT9mzuPBoE0Vchk6MEpud2dNXWMdb2ubG1d9yTWfV -XhMXMeNd6UEjY7ypsldhR2X55dvIFeNr9B6A8dMy1Qpeyd62maBOwNdumbsG6MalXOFuv7 -srvnjlwUdHKZV9wg== ------END OPENSSH PRIVATE KEY----- diff --git a/test/integration/docker/ssh/client_key.pub b/test/integration/docker/ssh/client_key.pub deleted file mode 100644 index 6b0e3e9..0000000 --- a/test/integration/docker/ssh/client_key.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDkpIMideN05ni89cmRjdbff6fj4qyukThD2X/gINlVM root@client diff --git a/test/integration/docker/ssh/server_key b/test/integration/docker/ssh/server_key deleted file mode 100644 index 07774eb..0000000 --- a/test/integration/docker/ssh/server_key +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN OPENSSH PRIVATE KEY----- -b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW -QyNTUxOQAAACCXhJs2H7dvamDdK51mhWEAGuXnBsCVEKdWxyPjWYNgigAAAJDx95CI8feQ -iAAAAAtzc2gtZWQyNTUxOQAAACCXhJs2H7dvamDdK51mhWEAGuXnBsCVEKdWxyPjWYNgig -AAAEBkubMLhAF/0hCKnq2l3BuexD4UIQ+qcXW5ke+DWhQ8DJeEmzYft29qYN0rnWaFYQAa -5ecGwJUQp1bHI+NZg2CKAAAAC3Jvb3RAc2VydmVyAQI= ------END OPENSSH PRIVATE KEY----- diff --git a/test/integration/docker/ssh/server_key.pub b/test/integration/docker/ssh/server_key.pub deleted file mode 100644 index 601277f..0000000 --- a/test/integration/docker/ssh/server_key.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJeEmzYft29qYN0rnWaFYQAa5ecGwJUQp1bHI+NZg2CK root@server diff --git a/test/integration/docker/test.sh b/test/integration/docker/test.sh index 7c76298..7948be0 100755 --- a/test/integration/docker/test.sh +++ b/test/integration/docker/test.sh @@ -8,6 +8,9 @@ readonly script_dir script_name="$( basename -- "${BASH_SOURCE[0]}" )" readonly script_name +readonly ssh_dir="$script_dir/ssh" +readonly client_key_password='password' + dump() { local prefix="${FUNCNAME[0]}" [ "${#FUNCNAME[@]}" -gt 1 ] && prefix="${FUNCNAME[1]}" @@ -18,6 +21,32 @@ dump() { done } +cleanup() { + echo + echo ---------------------------------------------------------------------- + echo Cleaning up + echo ---------------------------------------------------------------------- + + remove_ssh_keys + kill_ssh_agent +} + +generate_ssh_keys() { + echo + echo ---------------------------------------------------------------------- + echo Generating SSH keys + echo ---------------------------------------------------------------------- + + mkdir -p -- "$ssh_dir" + + ssh-keygen -t rsa -b 4096 -f "$ssh_dir/client_key" -N "$client_key_password" + ssh-keygen -t rsa -b 4096 -f "$ssh_dir/server_key" -N '' +} + +remove_ssh_keys() { + rm -rf -- "$ssh_dir" +} + kill_ssh_agent() { [ -n "${SSH_AGENT_PID:+x}" ] || return 0 dump "killing ssh-agent with PID $SSH_AGENT_PID" @@ -37,7 +66,6 @@ spawn_ssh_agent() { dump "could not start ssh-agent" >&2 return 1 fi - trap kill_ssh_agent EXIT } setup_ssh_agent() { @@ -48,9 +76,8 @@ setup_ssh_agent() { spawn_ssh_agent - local key='ssh/client_key' + local key="$ssh_dir/client_key" chmod 0600 -- "$key" - local password='password' local askpass_path askpass_path="$( mktemp --tmpdir="$script_dir" )" @@ -62,7 +89,7 @@ setup_ssh_agent() { chmod 0700 -- "$askpass_path" local echo_password - echo_password="$( printf -- 'echo %q' "$password" )" + echo_password="$( printf -- 'echo %q' "$client_key_password" )" echo "$echo_password" > "$askpass_path" SSH_ASKPASS="$askpass_path" SSH_ASKPASS_REQUIRE=force DISPLAY= ssh-add "$key" > /dev/null 2>&1 < /dev/null @@ -78,6 +105,7 @@ docker_build() { } setup() { + generate_ssh_keys setup_ssh_agent docker_build } @@ -122,6 +150,7 @@ verify() { } main() { + trap cleanup EXIT pushd -- "$script_dir" > /dev/null setup run -- cgit v1.2.3