Skip to content

Commit

Permalink
Merge pull request #1375 from platformsh/ssh-include-despite-refresh-…
Browse files Browse the repository at this point in the history
…command

Include the SSH certificate in config even if refresh fails
  • Loading branch information
pjcdawkins authored Dec 23, 2023

Verified

This commit was signed with the committer’s verified signature.
brlin-tw 林博仁 Buo-ren Lin
2 parents 2cc4d1e + 5e091af commit 013832c
Showing 1 changed file with 13 additions and 16 deletions.
29 changes: 13 additions & 16 deletions src/Service/SshConfig.php
Original file line number Diff line number Diff line change
@@ -87,7 +87,10 @@ public function configureSessionSsh()
$this->fs->remove($legacy);
}

$domainWildcards = $this->config->get('api.ssh_domain_wildcards');
$domainWildcards = $this->config->getWithDefault('api.ssh_domain_wildcards', []);
if (!$domainWildcards) {
return false;
}

$lines = [];

@@ -99,29 +102,23 @@ public function configureSessionSsh()
}
// Use Match solely to run the refresh command.
$lines[] = '# Auto-refresh the SSH certificate:';
if ($domainWildcards) {
$lines[] = sprintf('Match host "%s" exec "%s"', \implode(',', $domainWildcards), $refreshCommand);
} else {
$lines[] = sprintf('Match exec "%s"', $refreshCommand);
}
$lines[] = '';
$lines[] = sprintf('Match host "%s" exec "%s"', \implode(',', $domainWildcards), $refreshCommand);
$lines[] = 'Host ' . implode(' ', $domainWildcards);

// Indentation in the SSH config is for readability (it has no other effect).
$lines[] = '';
$lines[] = '# Include the certificate and its key:';
$lines[] = sprintf('CertificateFile %s', $this->formatFilePath($certificate->certificateFilename()));
$lines[] = sprintf('IdentityFile %s', $this->formatFilePath($certificate->privateKeyFilename()));
$lines[] = '';
}

if ($domainWildcards) {
} else {
$lines[] = 'Host ' . implode(' ', $domainWildcards);
}

$sessionIdentityFile = $this->sshKey->selectIdentity();
if ($sessionIdentityFile !== null) {
$lines[] = '';
$lines[] = '# This SSH key was detected as corresponding to the session:';
$lines[] = sprintf('IdentityFile %s', $this->formatFilePath($sessionIdentityFile));
$lines[] = '';
}

$sessionSpecificFilename = $this->getSessionSshDir() . DIRECTORY_SEPARATOR . 'config';
@@ -135,11 +132,11 @@ public function configureSessionSsh()

// Add default files if there is no preferred session identity file.
if ($sessionIdentityFile === null && ($defaultFiles = $this->getUserDefaultSshIdentityFiles())) {
$lines[] = '';
$lines[] = '# Include SSH "default" identity files:';
foreach ($defaultFiles as $identityFile) {
$lines[] = sprintf('IdentityFile %s', $this->formatFilePath($identityFile));
}
$lines[] = '';
}

$this->writeSshIncludeFile($sessionSpecificFilename, $lines);
@@ -150,7 +147,7 @@ public function configureSessionSsh()
'# It is updated automatically when certain CLI commands are run.',
];

$wildcards = $this->config->get('api.ssh_domain_wildcards');
$wildcards = $this->config->getWithDefault('api.ssh_domain_wildcards', []);
if (count($wildcards)) {
$includerLines[] = 'Host ' . implode(' ', $wildcards);
$includerLines[] = ' Include ' . $sessionSpecificFilename;
@@ -241,9 +238,9 @@ public function addUserSshConfig(QuestionHelper $questionHelper)

$filename = $this->getUserSshConfigFilename();

$wildcards = $this->config->get('api.ssh_domain_wildcards');
$wildcards = $this->config->getWithDefault('api.ssh_domain_wildcards', []);
if (!$wildcards) {
return true;
return false;
}

$suggestedConfig = \implode("\n", [

0 comments on commit 013832c

Please sign in to comment.