BigW Consortium Gitlab

Commit 211b2f39 by Lin Jen-Shin

Implement other ssh keys and use ssh-keygen instead

parent 9a538b9e
...@@ -6,5 +6,4 @@ gem 'capybara-screenshot', '~> 1.0.18' ...@@ -6,5 +6,4 @@ gem 'capybara-screenshot', '~> 1.0.18'
gem 'rake', '~> 12.3.0' gem 'rake', '~> 12.3.0'
gem 'rspec', '~> 3.7' gem 'rspec', '~> 3.7'
gem 'selenium-webdriver', '~> 3.8.0' gem 'selenium-webdriver', '~> 3.8.0'
gem 'net-ssh', require: false
gem 'airborne', '~> 0.2.13' gem 'airborne', '~> 0.2.13'
...@@ -46,7 +46,6 @@ GEM ...@@ -46,7 +46,6 @@ GEM
mini_mime (1.0.0) mini_mime (1.0.0)
mini_portile2 (2.3.0) mini_portile2 (2.3.0)
minitest (5.11.1) minitest (5.11.1)
net-ssh (4.1.0)
netrc (0.11.0) netrc (0.11.0)
nokogiri (1.8.1) nokogiri (1.8.1)
mini_portile2 (~> 2.3.0) mini_portile2 (~> 2.3.0)
...@@ -98,7 +97,6 @@ DEPENDENCIES ...@@ -98,7 +97,6 @@ DEPENDENCIES
airborne (~> 0.2.13) airborne (~> 0.2.13)
capybara (~> 2.16.1) capybara (~> 2.16.1)
capybara-screenshot (~> 1.0.18) capybara-screenshot (~> 1.0.18)
net-ssh
pry-byebug (~> 3.5.1) pry-byebug (~> 3.5.1)
rake (~> 12.3.0) rake (~> 12.3.0)
rspec (~> 3.7) rspec (~> 3.7)
......
...@@ -15,7 +15,11 @@ module QA ...@@ -15,7 +15,11 @@ module QA
autoload :API, 'qa/runtime/api' autoload :API, 'qa/runtime/api'
module Key module Key
autoload :Base, 'qa/runtime/key/base'
autoload :RSA, 'qa/runtime/key/rsa' autoload :RSA, 'qa/runtime/key/rsa'
autoload :DSA, 'qa/runtime/key/dsa'
autoload :ECDSA, 'qa/runtime/key/ecdsa'
autoload :ED25519, 'qa/runtime/key/ed25519'
end end
end end
......
module QA
module Runtime
module Key
class Base
attr_reader :private_key, :public_key, :fingerprint
def initialize(name, bits)
Dir.mktmpdir do |dir|
path = "#{dir}/id_#{name}"
ssh_keygen(name, bits, path)
populate_key_data(path)
end
end
private
def ssh_keygen(name, bits, path)
cmd = %W[ssh-keygen -t #{name} -b #{bits} -f #{path} -N] << ''
IO.popen([*cmd, err: %i[child out]]) do |io|
out = io.read
io.close
raise "ssh-keygen failed with output: #{out}" unless $?.success?
end
end
def populate_key_data(path)
@private_key = File.binread(path)
@public_key = File.binread("#{path}.pub")
@fingerprint =
`ssh-keygen -l -E md5 -f #{path} | cut -d' ' -f2 | cut -d: -f2-`.chomp
end
end
end
end
end
module QA
module Runtime
module Key
class DSA < Base
def initialize
super('dsa', 1024)
end
end
end
end
end
module QA
module Runtime
module Key
class ECDSA < Base
def initialize(bits = 521)
super('ecdsa', bits)
end
end
end
end
end
module QA
module Runtime
module Key
class ED25519 < Base
def initialize
super('ed25519', 256)
end
end
end
end
end
require 'net/ssh'
require 'forwardable'
module QA module QA
module Runtime module Runtime
module Key module Key
class RSA class RSA < Base
extend Forwardable
attr_reader :key
def_delegators :@key, :fingerprint, :to_pem
def initialize(bits = 4096) def initialize(bits = 4096)
@key = OpenSSL::PKey::RSA.new(bits) super('rsa', bits)
end
def public_key
@public_key ||= "#{key.ssh_type} #{[key.to_blob].pack('m0')}"
end end
end end
end end
......
...@@ -35,7 +35,7 @@ module QA ...@@ -35,7 +35,7 @@ module QA
Factory::Resource::SecretVariable.fabricate! do |resource| Factory::Resource::SecretVariable.fabricate! do |resource|
resource.project = project resource.project = project
resource.key = 'DEPLOY_KEY' resource.key = 'DEPLOY_KEY'
resource.value = key.to_pem resource.value = key.private_key
end end
project.visit! project.visit!
......
describe QA::Runtime::Key::DSA do
describe '#public_key' do
subject { described_class.new.public_key }
it 'generates a public DSA key' do
expect(subject).to match(%r{\Assh\-dss AAAA[0-9A-Za-z+/]+={0,3}})
end
end
end
describe QA::Runtime::Key::ECDSA do
describe '#public_key' do
[256, 384, 521].each do |bits|
it "generates a public #{bits}-bits ECDSA key" do
subject = described_class.new(bits).public_key
expect(subject).to match(%r{\Aecdsa\-sha2\-\w+ AAAA[0-9A-Za-z+/]+={0,3}})
end
end
end
describe '#new' do
it 'does not support arbitrary bits' do
expect { described_class.new(123) }.to raise_error(RuntimeError)
end
end
end
describe QA::Runtime::Key::ED25519 do
describe '#public_key' do
subject { described_class.new.public_key }
it 'generates a public ED25519 key' do
expect(subject).to match(%r{\Assh\-ed25519 AAAA[0-9A-Za-z+/]})
end
end
end
...@@ -3,7 +3,7 @@ describe QA::Runtime::Key::RSA do ...@@ -3,7 +3,7 @@ describe QA::Runtime::Key::RSA do
subject { described_class.new.public_key } subject { described_class.new.public_key }
it 'generates a public RSA key' do it 'generates a public RSA key' do
expect(subject).to match(%r{\Assh\-rsa AAAA[0-9A-Za-z+/]+={0,3}\z}) expect(subject).to match(%r{\Assh\-rsa AAAA[0-9A-Za-z+/]+={0,3}})
end end
end end
end end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment