Skip to content

Commit

Permalink
Inject and configure helper if ssh signature support enabled
Browse files Browse the repository at this point in the history
  • Loading branch information
janekbaraniewski committed Jul 15, 2024
1 parent 90f4dce commit c5208e1
Show file tree
Hide file tree
Showing 4 changed files with 39 additions and 7 deletions.
23 changes: 20 additions & 3 deletions cmd/agent/container/credentials_server.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ import (
"github.com/loft-sh/devpod/pkg/credentials"
"github.com/loft-sh/devpod/pkg/dockercredentials"
"github.com/loft-sh/devpod/pkg/gitcredentials"
"github.com/loft-sh/devpod/pkg/gitsshsigning"
"github.com/loft-sh/devpod/pkg/netstat"
portpkg "github.com/loft-sh/devpod/pkg/port"
"github.com/loft-sh/log"
Expand All @@ -29,10 +30,12 @@ type CredentialsServerCmd struct {

User string

ConfigureGitHelper bool
ConfigureDockerHelper bool
ConfigureGitHelper bool
ConfigureGitSSHSignatureHelper bool
ConfigureDockerHelper bool

ForwardPorts bool
ForwardPorts bool
GitSSHSignatureSigningKey string
}

// NewCredentialsServerCmd creates a new command
Expand All @@ -49,9 +52,11 @@ func NewCredentialsServerCmd(flags *flags.GlobalFlags) *cobra.Command {
},
}
credentialsServerCmd.Flags().BoolVar(&cmd.ConfigureGitHelper, "configure-git-helper", false, "If true will configure git helper")
credentialsServerCmd.Flags().BoolVar(&cmd.ConfigureGitSSHSignatureHelper, "configure-git-ssh-signature-helper", false, "If true will configure git ssh signature helper")
credentialsServerCmd.Flags().BoolVar(&cmd.ConfigureDockerHelper, "configure-docker-helper", false, "If true will configure docker helper")
credentialsServerCmd.Flags().BoolVar(&cmd.ForwardPorts, "forward-ports", false, "If true will automatically try to forward open ports within the container")
credentialsServerCmd.Flags().StringVar(&cmd.User, "user", "", "The user to use")
credentialsServerCmd.Flags().StringVar(&cmd.GitSSHSignatureSigningKey, "signing-key", "", "Key to use")
_ = credentialsServerCmd.MarkFlagRequired("user")
return credentialsServerCmd
}
Expand Down Expand Up @@ -129,6 +134,18 @@ func (cmd *CredentialsServerCmd) Run(ctx context.Context, _ []string) error {
}(cmd.User)
}

if cmd.ConfigureGitSSHSignatureHelper {
err = gitsshsigning.ConfigureHelper(binaryPath, cmd.User, cmd.GitSSHSignatureSigningKey)

Check failure on line 138 in cmd/agent/container/credentials_server.go

View workflow job for this annotation

GitHub Actions / lint

undefined: gitsshsigning.ConfigureHelper

Check failure on line 138 in cmd/agent/container/credentials_server.go

View workflow job for this annotation

GitHub Actions / lint

undefined: gitsshsigning.ConfigureHelper

Check failure on line 138 in cmd/agent/container/credentials_server.go

View workflow job for this annotation

GitHub Actions / unit-tests

undefined: gitsshsigning.ConfigureHelper
if err != nil {
return errors.Wrap(err, "configure git ssh signature helper")
}

// cleanup when we are done
defer func(userName string) {
_ = gitsshsigning.RemoveHelper()

Check failure on line 145 in cmd/agent/container/credentials_server.go

View workflow job for this annotation

GitHub Actions / lint

undefined: gitsshsigning.RemoveHelper (typecheck)

Check failure on line 145 in cmd/agent/container/credentials_server.go

View workflow job for this annotation

GitHub Actions / lint

undefined: gitsshsigning.RemoveHelper) (typecheck)

Check failure on line 145 in cmd/agent/container/credentials_server.go

View workflow job for this annotation

GitHub Actions / unit-tests

undefined: gitsshsigning.RemoveHelper
}(cmd.User)
}

return credentials.RunCredentialsServer(ctx, port, tunnelClient, log)
}

Expand Down
15 changes: 11 additions & 4 deletions cmd/ssh.go
Original file line number Diff line number Diff line change
Expand Up @@ -39,10 +39,11 @@ type SSHCmd struct {
ForwardPorts []string
ReverseForwardPorts []string

Stdio bool
JumpContainer bool
AgentForwarding bool
GPGAgentForwarding bool
Stdio bool
JumpContainer bool
AgentForwarding bool
GPGAgentForwarding bool
GitSSHSignatureForwarding bool

StartServices bool

Expand Down Expand Up @@ -472,6 +473,12 @@ func (cmd *SSHCmd) startProxyServices(
if gitCredentials {
command += " --configure-git-helper"
}

// check if we should enable git ssh commit signature support
if cmd.GitSSHSignatureForwarding || devPodConfig.ContextOption(config.ContextOptionGitSSHSignatureForwarding) == "true" {
command += " --configure-git-ssh-signature-helper"
}

if log.GetLevel() == logrus.DebugLevel {
command += " --debug"
}
Expand Down
7 changes: 7 additions & 0 deletions pkg/config/context.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ package config
const (
ContextOptionSSHAddPrivateKeys = "SSH_ADD_PRIVATE_KEYS"
ContextOptionGPGAgentForwarding = "GPG_AGENT_FORWARDING"
ContextOptionGitSSHSignatureForwarding = "GIT_SSH_SIGNATURE_FORWARDING"
ContextOptionSSHInjectDockerCredentials = "SSH_INJECT_DOCKER_CREDENTIALS"
ContextOptionSSHInjectGitCredentials = "SSH_INJECT_GIT_CREDENTIALS"
ContextOptionExitAfterTimeout = "EXIT_AFTER_TIMEOUT"
Expand Down Expand Up @@ -33,6 +34,12 @@ var ContextOptions = []ContextOption{
Default: "false",
Enum: []string{"true", "false"},
},
{
Name: ContextOptionGitSSHSignatureForwarding,
Description: "Specifies if DevPod should automatically detect ssh signature git setting and inject ssh signature helper",
Default: "true",
Enum: []string{"true", "false"},
},
{
Name: ContextOptionSSHInjectDockerCredentials,
Description: "Specifies if DevPod should inject docker credentials into the workspace",
Expand Down
1 change: 1 addition & 0 deletions pkg/tunnel/services.go
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,7 @@ func RunInContainer(
command := fmt.Sprintf("'%s' agent container credentials-server --user '%s'", agent.ContainerDevPodHelperLocation, user)
if configureGitCredentials {
command += " --configure-git-helper"
command += " --configure-git-ssh-signature-helper"
}
if configureDockerCredentials {
command += " --configure-docker-helper"
Expand Down

0 comments on commit c5208e1

Please sign in to comment.