Skip to content

Commit

Permalink
Merge pull request #1375 from platformsh/ssh-include-despite-refresh-…
Browse files Browse the repository at this point in the history
…command

Include the SSH certificate in config even if refresh fails
pjcdawkins authored Dec 23, 2023

Verified

This commit was signed with the committer’s verified signature.
ivangabriele Ivan Gabriele
2 parents 2cc4d1e + 5e091af commit 013832c
Showing 1 changed file with 13 additions and 16 deletions.
29 changes: 13 additions & 16 deletions src/Service/SshConfig.php
Original file line number Diff line number Diff line change
@@ -87,7 +87,10 @@ public function configureSessionSsh()
$this->fs->remove($legacy);
}

$domainWildcards = $this->config->get('api.ssh_domain_wildcards');
$domainWildcards = $this->config->getWithDefault('api.ssh_domain_wildcards', []);
if (!$domainWildcards) {
return false;
}

$lines = [];

@@ -99,29 +102,23 @@ public function configureSessionSsh()
}
// Use Match solely to run the refresh command.
$lines[] = '# Auto-refresh the SSH certificate:';
if ($domainWildcards) {
$lines[] = sprintf('Match host "%s" exec "%s"', \implode(',', $domainWildcards), $refreshCommand);
} else {
$lines[] = sprintf('Match exec "%s"', $refreshCommand);
}
$lines[] = '';
$lines[] = sprintf('Match host "%s" exec "%s"', \implode(',', $domainWildcards), $refreshCommand);
$lines[] = 'Host ' . implode(' ', $domainWildcards);

// Indentation in the SSH config is for readability (it has no other effect).
$lines[] = '';
$lines[] = '# Include the certificate and its key:';
$lines[] = sprintf('CertificateFile %s', $this->formatFilePath($certificate->certificateFilename()));
$lines[] = sprintf('IdentityFile %s', $this->formatFilePath($certificate->privateKeyFilename()));
$lines[] = '';
}

if ($domainWildcards) {
} else {
$lines[] = 'Host ' . implode(' ', $domainWildcards);
}

$sessionIdentityFile = $this->sshKey->selectIdentity();
if ($sessionIdentityFile !== null) {
$lines[] = '';
$lines[] = '# This SSH key was detected as corresponding to the session:';
$lines[] = sprintf('IdentityFile %s', $this->formatFilePath($sessionIdentityFile));
$lines[] = '';
}

$sessionSpecificFilename = $this->getSessionSshDir() . DIRECTORY_SEPARATOR . 'config';
@@ -135,11 +132,11 @@ public function configureSessionSsh()

// Add default files if there is no preferred session identity file.
if ($sessionIdentityFile === null && ($defaultFiles = $this->getUserDefaultSshIdentityFiles())) {
$lines[] = '';
$lines[] = '# Include SSH "default" identity files:';
foreach ($defaultFiles as $identityFile) {
$lines[] = sprintf('IdentityFile %s', $this->formatFilePath($identityFile));
}
$lines[] = '';
}

$this->writeSshIncludeFile($sessionSpecificFilename, $lines);
@@ -150,7 +147,7 @@ public function configureSessionSsh()
'# It is updated automatically when certain CLI commands are run.',
];

$wildcards = $this->config->get('api.ssh_domain_wildcards');
$wildcards = $this->config->getWithDefault('api.ssh_domain_wildcards', []);
if (count($wildcards)) {
$includerLines[] = 'Host ' . implode(' ', $wildcards);
$includerLines[] = ' Include ' . $sessionSpecificFilename;
@@ -241,9 +238,9 @@ public function addUserSshConfig(QuestionHelper $questionHelper)

$filename = $this->getUserSshConfigFilename();

$wildcards = $this->config->get('api.ssh_domain_wildcards');
$wildcards = $this->config->getWithDefault('api.ssh_domain_wildcards', []);
if (!$wildcards) {
return true;
return false;
}

$suggestedConfig = \implode("\n", [

0 comments on commit 013832c

Please sign in to comment.