[PATCH] Add environment variable SSH_PRIVATE_KEY_FILE

Jasper Orschulko

Jul 2, 2021, 12:57:17 PM
to kas-...@googlegroups.com, jan.k...@siemens.com, maciej.p...@3mdeb.com, sam.vr...@gmail.com, Jasper.O...@iris-sensing.com, Jasper Orschulko
From: Jasper Orschulko <Jasper.O...@iris-sensing.com>

In addition to the variable SSH_PRIVATE_KEY, which can be used to
reference a private key saved as a string within a variable (the previous
documentation falsely stated that it references a path and has been
adjusted), the new variable SSH_PRIVATE_KEY_FILE can now be used to reference
the path to a file containing the private key.

Signed-off-by: Jasper Orschulko <jas...@fancydomain.eu>
---
docs/command-line.rst | 128 ++++++++++++++++++++++--------------------
kas/libcmds.py | 4 +-
kas/libkas.py | 33 ++++++++---
3 files changed, 95 insertions(+), 70 deletions(-)

diff --git a/docs/command-line.rst b/docs/command-line.rst
index 91e4d6f..5eb51d8 100644
--- a/docs/command-line.rst
+++ b/docs/command-line.rst
@@ -10,67 +10,73 @@ Command line usage
Environment variables
---------------------

-+-----------------------+-----------------------------------------------------+
-| Environment variables | Description |
-+=======================+=====================================================+
-| ``KAS_WORK_DIR`` | The path of the kas work directory, current work |
-| | directory is the default. |
-+-----------------------+-----------------------------------------------------+
-| ``KAS_BUILD_DIR`` | The path build directory, ``${KAS_WORK_DIR}/build`` |
-| | is the default. |
-+-----------------------+-----------------------------------------------------+
-| ``KAS_REPO_REF_DIR`` | The path to the repository reference directory. |
-| | Repositories in this directory are used as |
-| | references when cloning. In order for kas to find |
-| | those repositories, they have to be named in a |
-| | specific way. The repo URLs are translated like |
-| | this: "https://github.com/siemens/meta-iot2000.git" |
-| | resolves to the name |
-| | "github.com.siemens.meta-iot2000.git". |
-+-----------------------+-----------------------------------------------------+
-| ``KAS_DISTRO`` | This overwrites the respective setting in the |
-| ``KAS_MACHINE`` | configuration file. |
-| ``KAS_TARGET`` | |
-| ``KAS_TASK`` | |
-+-----------------------+-----------------------------------------------------+
-| ``KAS_PREMIRRORS`` | Specifies alternatives for repo URLs. Just like |
-| | bitbake ``PREMIRRORS``, this variable consists of |
-| | new-line separated entries. Each entry defines a |
-| | regular expression to match a URL and, space- |
-| | separated, its replacement. E.g.: |
-| | "https://.*\.somehost\.io/ https://localmirror.net/"|
-+-----------------------+-----------------------------------------------------+
-| ``SSH_PRIVATE_KEY`` | Path to the private key file that should be added |
-| | to an internal ssh-agent. This key cannot be |
-| | password protected. This setting is useful for CI |
-| | build servers. On desktop machines, an ssh-agent |
-| | running outside the kas environment is more useful. |
-+-----------------------+-----------------------------------------------------+
-| ``SSH_AUTH_SOCK`` | SSH authentication socket. Used for cloning over |
-| | SSH (alternative to ``SSH_PRIVATE_KEY``). |
-+-----------------------+-----------------------------------------------------+
-| ``DL_DIR`` | Environment variables that are transferred to the |
-| ``SSTATE_DIR`` | bitbake environment. |
-| ``TMPDIR`` | |
-+-----------------------+-----------------------------------------------------+
-| ``http_proxy`` | This overwrites the proxy configuration in the |
-| ``https_proxy`` | configuration file. |
-| ``ftp_proxy`` | |
-| ``no_proxy`` | |
-+-----------------------+-----------------------------------------------------+
-| ``GIT_PROXY_COMMAND`` | Set proxy for native git fetches. ``NO_PROXY`` is |
-| ``NO_PROXY`` | evaluated by OpenEmbedded's oe-git-proxy script. |
-+-----------------------+-----------------------------------------------------+
-| ``SHELL`` | The shell to start when using the `shell` plugin. |
-+-----------------------+-----------------------------------------------------+
-| ``TERM`` | The terminal options used in the `shell` plugin. |
-+-----------------------+-----------------------------------------------------+
-| ``AWS_CONFIG_FILE`` | Path to the awscli configuration and credentials |
-| |aws_cred| | file that are copied to the kas home dir. |
-+-----------------------+-----------------------------------------------------+
-| |git_cred| | Allows to set the git credential helper in the |
-| | `.gitconfig` of the kas user. |
-+-----------------------+-----------------------------------------------------+
++--------------------------+-----------------------------------------------------+
+| Environment variables | Description |
++==========================+=====================================================+
+| ``KAS_WORK_DIR`` | The path of the kas work directory, current work |
+| | directory is the default. |
++--------------------------+-----------------------------------------------------+
+| ``KAS_BUILD_DIR`` | The path build directory, ``${KAS_WORK_DIR}/build`` |
+| | is the default. |
++--------------------------+-----------------------------------------------------+
+| ``KAS_REPO_REF_DIR`` | The path to the repository reference directory. |
+| | Repositories in this directory are used as |
+| | references when cloning. In order for kas to find |
+| | those repositories, they have to be named in a |
+| | specific way. The repo URLs are translated like |
+| | this: "https://github.com/siemens/meta-iot2000.git" |
+| | resolves to the name |
+| | "github.com.siemens.meta-iot2000.git". |
++--------------------------+-----------------------------------------------------+
+| ``KAS_DISTRO`` | This overwrites the respective setting in the |
+| ``KAS_MACHINE`` | configuration file. |
+| ``KAS_TARGET`` | |
+| ``KAS_TASK`` | |
++--------------------------+-----------------------------------------------------+
+| ``KAS_PREMIRRORS`` | Specifies alternatives for repo URLs. Just like |
+| | bitbake ``PREMIRRORS``, this variable consists of |
+| | new-line separated entries. Each entry defines a |
+| | regular expression to match a URL and, space- |
+| | separated, its replacement. E.g.: |
+| | "https://.*\.somehost\.io/ https://localmirror.net/"|
++--------------------------+-----------------------------------------------------+
+| ``SSH_PRIVATE_KEY`` | Variable containing the private key that should be |
+| | added to an internal ssh-agent. This key cannot be |
+| | password protected. This setting is useful for CI |
+| | build servers. On desktop machines, an ssh-agent |
+| | running outside the kas environment is more useful. |
++--------------------------+-----------------------------------------------------+
+| ``SSH_PRIVATE_KEY_FILE`` | Path to the private key file that should be added |
+| | to an internal ssh-agent. This key cannot be |
+| | password protected. This setting is useful for CI |
+| | build servers. On desktop machines, an ssh-agent |
+| | running outside the kas environment is more useful. |
++--------------------------+-----------------------------------------------------+
+| ``SSH_AUTH_SOCK`` | SSH authentication socket. Used for cloning over |
+| | SSH (alternative to ``SSH_PRIVATE_KEY``). |
++--------------------------+-----------------------------------------------------+
+| ``DL_DIR`` | Environment variables that are transferred to the |
+| ``SSTATE_DIR`` | bitbake environment. |
+| ``TMPDIR`` | |
++--------------------------+-----------------------------------------------------+
+| ``http_proxy`` | This overwrites the proxy configuration in the |
+| ``https_proxy`` | configuration file. |
+| ``ftp_proxy`` | |
+| ``no_proxy`` | |
++--------------------------+-----------------------------------------------------+
+| ``GIT_PROXY_COMMAND`` | Set proxy for native git fetches. ``NO_PROXY`` is |
+| ``NO_PROXY`` | evaluated by OpenEmbedded's oe-git-proxy script. |
++--------------------------+-----------------------------------------------------+
+| ``SHELL`` | The shell to start when using the `shell` plugin. |
++--------------------------+-----------------------------------------------------+
+| ``TERM`` | The terminal options used in the `shell` plugin. |
++--------------------------+-----------------------------------------------------+
+| ``AWS_CONFIG_FILE`` | Path to the awscli configuration and credentials |
+| |aws_cred| | file that are copied to the kas home dir. |
++--------------------------+-----------------------------------------------------+
+| |git_cred| | Allows to set the git credential helper in the |
+| | `.gitconfig` of the kas user. |
++--------------------------+-----------------------------------------------------+

.. |aws_cred| replace:: ``AWS_SHARED_CREDENTIALS_FILE``
.. |git_cred| replace:: ``GIT_CREDENTIAL_HELPER``
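
Review bot: The ``SSH_AUTH_SOCK`` row at the end of the key section still reads "alternative to ``SSH_PRIVATE_KEY``" and should name ``SSH_PRIVATE_KEY_FILE`` as well. The two key rows also do not say what happens when both variables are set; ssh_setup_agent() in this patch adds both keys, so the table should state that. Widening the first column re-pads every row for a one-row addition; a substitution like the existing |aws_cred| would fit the new name into the old column width and keep the diff to the rows that actually change.
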
diff --git a/kas/libcmds.py b/kas/libcmds.py
index 9f43955..447734b 100644
--- a/kas/libcmds.py
+++ b/kas/libcmds.py
@@ -50,7 +50,7 @@ class Macro:
SetupDir(),
]

- if 'SSH_PRIVATE_KEY' in os.environ:
+ if 'SSH_PRIVATE_KEY' or 'SSH_PRIVATE_KEY_FILE' in os.environ:
self.setup_commands.append(SetupSSHAgent())

self.setup_commands += [
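
Review bot: The new setup condition `'SSH_PRIVATE_KEY' or 'SSH_PRIVATE_KEY_FILE' in os.environ` is always true. `in` binds tighter than `or`, so it reads as `'SSH_PRIVATE_KEY' or (...)`, and the non-empty string literal is truthy. SetupSSHAgent() is therefore appended even when neither variable is set. Test each name separately: `'SSH_PRIVATE_KEY' in os.environ or 'SSH_PRIVATE_KEY_FILE' in os.environ`.
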
@@ -65,7 +65,7 @@ class Macro:
else:
self.setup_commands = []

- if use_common_cleanup and 'SSH_PRIVATE_KEY' in os.environ:
+ if use_common_cleanup and ('SSH_PRIVATE_KEY' or 'SSH_PRIVATE_KEY_FILE') in os.environ:
self.cleanup_commands = [
CleanupSSHAgent(),
]
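
Review bot: In the cleanup condition, `('SSH_PRIVATE_KEY' or 'SSH_PRIVATE_KEY_FILE')` evaluates to `'SSH_PRIVATE_KEY'`, so the membership test never looks at SSH_PRIVATE_KEY_FILE. With only the file variable set, CleanupSSHAgent() is not registered, although the setup hunk above appends SetupSSHAgent() and the key is loaded into that agent. Use one `in` test per name joined by `or`, and keep setup and cleanup on the same predicate.
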
diff --git a/kas/libkas.py b/kas/libkas.py
index 939589f..959be23 100644
--- a/kas/libkas.py
+++ b/kas/libkas.py
@@ -268,6 +268,15 @@ def get_build_environ(build_system):
return env


+def ssh_add_key_file(env, key_path):
+ """
+ Adds an ssh key file to the ssh-agent
+ """
+ with open(key_path) as f:
+ key = f.read()
+ ssh_add_key(env, key)
+
+
def ssh_add_key(env, key):
"""
Adds an ssh key to the ssh-agent
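
Review bot: ssh_add_key_file() reads the key file into the kas process and hands the text to ssh_add_key(), which pipes it to `ssh-add -`. That route skips the permission check ssh-add performs when it is given a key file path, so a group- or world-readable key file is accepted without complaint. Either pass key_path to ssh-add directly or check the file mode before reading it.
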
@@ -276,7 +285,6 @@ def ssh_add_key(env, key):
# unhelpfully prompts for a password
if not key.endswith('\n'):
key += '\n'
-
process = Popen(['ssh-add', '-'], stdin=PIPE, stdout=None,
stderr=PIPE, env=env)
(_, error) = process.communicate(input=str.encode(key))
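
Review bot: Unrelated whitespace change: the blank line removed before `process = Popen(...)` in ssh_add_key() has nothing to do with SSH_PRIVATE_KEY_FILE and should be dropped from this patch.
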
@@ -307,20 +315,31 @@ def ssh_setup_agent(envkeys=None):
Starts the ssh-agent
"""
env = get_context().environ
- envkeys = envkeys or ['SSH_PRIVATE_KEY']
+ envkeys = envkeys or ['SSH_PRIVATE_KEY', 'SSH_PRIVATE_KEY_FILE']
output = os.popen('ssh-agent -s').readlines()
for line in output:
matches = re.search(r"(\S+)\=(\S+)\;", line)
if matches:
env[matches.group(1)] = matches.group(2)

+ found = False
for envkey in envkeys:
- key = os.environ.get(envkey)
- if key:
- logging.info("adding SSH key")
- ssh_add_key(env, key)
+ if envkey == 'SSH_PRIVATE_KEY_FILE':
+ key_path = os.environ.get(envkey)
+ if key_path:
+ found = True
+ logging.info("adding SSH key")
+ ssh_add_key_file(env, key_path)
else:
- logging.warning('%s is missing', envkey)
+ key = os.environ.get(envkey)
+ if key:
+ found = True
+ logging.info("adding SSH key")
+ ssh_add_key(env, key)
+
+ if found != True:
+ warning = "None of the following environment keys were set: " + ", ".join(envkeys)
+ logging.warning(warning)


def ssh_no_host_key_check():
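
Review bot: The loop in ssh_setup_agent() chooses between key text and key path by comparing envkey to the literal 'SSH_PRIVATE_KEY_FILE', so a caller that passes its own envkeys list cannot name a different file variable, and every other name is treated as key material. Passing the kind along with the name would make that explicit. `if found != True:` is better written `if not found:`, and both branches log the same "adding SSH key" message, so the log does not show which variable supplied the key.
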
--
2.32.0

Jan Kiszka

Jul 3, 2021, 12:12:31 PM
to Jasper Orschulko, kas-...@googlegroups.com, maciej.p...@3mdeb.com, sam.vr...@gmail.com, Jasper.O...@iris-sensing.com
alternative to ``SSH_PRIVATE_KEY`` or ``SSH_PRIVATE_KEY_FILE``
Unrelated style change.
Please run "scripts/checkcode.sh ." against your change and fix the
reported issues. The logic looks good to me, though.

Jan

--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux

Jasper Orschulko

Jul 3, 2021, 5:36:49 PM
to kas-...@googlegroups.com, jan.k...@siemens.com, maciej.p...@3mdeb.com, sam.vr...@gmail.com, Jasper.O...@iris-sensing.com, Jasper Orschulko
In addition to the variable SSH_PRIVATE_KEY, which can be used to
reference a private key saved as a string within a variable (the previous
documentation falsely stated that it references a path and has been
adjusted), the new variable SSH_PRIVATE_KEY_FILE can now be used to reference
the path to a file containing the private key.

Signed-off-by: Jasper Orschulko <jas...@fancydomain.eu>
---
docs/command-line.rst | 134 +++++++++++++++++++++++-------------------
kas/libcmds.py | 5 +-
kas/libkas.py | 33 +++++++++--
3 files changed, 103 insertions(+), 69 deletions(-)

diff --git a/docs/command-line.rst b/docs/command-line.rst
index 91e4d6f..86f6b7b 100644
--- a/docs/command-line.rst
+++ b/docs/command-line.rst
@@ -10,67 +10,79 @@ Command line usage
++--------------------------+--------------------------------------------------+
+| Environment variables | Description |
++==========================+==================================================+
+| ``KAS_WORK_DIR`` | The path of the kas work directory, current work |
+| | directory is the default. |
++--------------------------+--------------------------------------------------+
+| ``KAS_BUILD_DIR`` | The path build directory, |
+| | ``${KAS_WORK_DIR}/build`` is the default. |
++--------------------------+--------------------------------------------------+
+| ``KAS_REPO_REF_DIR`` | The path to the repository reference directory. |
+| | Repositories in this directory are used as |
+| | references when cloning. In order for kas to |
+| | find those repositories, they have to be named |
+| | in a specific way. The repo URLs are translated |
+| | like this: |
+| | "https://github.com/siemens/meta-iot2000.git" |
+| | resolves to the name |
+| | "github.com.siemens.meta-iot2000.git". |
++--------------------------+--------------------------------------------------+
+| ``KAS_DISTRO`` | This overwrites the respective setting in the |
+| ``KAS_MACHINE`` | configuration file. |
+| ``KAS_TARGET`` | |
+| ``KAS_TASK`` | |
++--------------------------+--------------------------------------------------+
+| ``KAS_PREMIRRORS`` | Specifies alternatives for repo URLs. Just like |
+| | bitbake ``PREMIRRORS``, this variable consists |
+| | of new-line separated entries. Each entry |
+| | defines a regular expression to match a URL and, |
+| | space-separated, its replacement. E.g.: |
+| | "http://.*\.someurl\.io/ http://localmirror.net/"|
++--------------------------+--------------------------------------------------+
+| ``SSH_PRIVATE_KEY`` | Variable containing the private key that should |
+| | be added to an internal ssh-agent. This key |
+| | cannot be password protected. This setting is |
+| | useful for CI build servers. On desktop |
+| | machines, an ssh-agent running outside the kas |
+| | environment is more useful. |
++--------------------------+--------------------------------------------------+
+| ``SSH_PRIVATE_KEY_FILE`` | Path to the private key file that should be |
+| | added to an internal ssh-agent. This key cannot |
+| | be password protected. This setting is useful |
+| | for CI build servers. On desktop machines, an |
+| | ssh-agent running outside the kas environment is |
+| | more useful. |
++--------------------------+--------------------------------------------------+
+| ``SSH_AUTH_SOCK`` | SSH authentication socket. Used for cloning over |
+| | SSH (alternative to ``SSH_PRIVATE_KEY`` or |
+| | ``SSH_PRIVATE_KEY_FILE``). |
++--------------------------+--------------------------------------------------+
+| ``DL_DIR`` | Environment variables that are transferred to |
+| ``SSTATE_DIR`` | the bitbake environment. |
+| ``TMPDIR`` | |
++--------------------------+--------------------------------------------------+
+| ``http_proxy`` | This overwrites the proxy configuration in the |
+| ``https_proxy`` | configuration file. |
+| ``ftp_proxy`` | |
+| ``no_proxy`` | |
++--------------------------+--------------------------------------------------+
+| ``GIT_PROXY_COMMAND`` | Set proxy for native git fetches. ``NO_PROXY`` |
+| ``NO_PROXY`` | is evaluated by OpenEmbedded's oe-git-proxy |
+| | script. |
++--------------------------+--------------------------------------------------+
+| ``SHELL`` | The shell to start when using the `shell` |
+| | plugin. |
++--------------------------+--------------------------------------------------+
+| ``TERM`` | The terminal options used in the `shell` plugin. |
++--------------------------+--------------------------------------------------+
+| ``AWS_CONFIG_FILE`` | Path to the awscli configuration and credentials |
+| |aws_cred| | file that are copied to the kas home dir. |
++--------------------------+--------------------------------------------------+
+| |git_cred| | Allows to set the git credential helper in the |
+| | `.gitconfig` of the kas user. |
++--------------------------+--------------------------------------------------+

.. |aws_cred| replace:: ``AWS_SHARED_CREDENTIALS_FILE``
.. |git_cred| replace:: ``GIT_CREDENTIAL_HELPER``
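
Review bot: The ``KAS_PREMIRRORS`` example now reads "http://.*\.someurl\.io/ http://localmirror.net/", while the table being replaced (see the removed lines in the first posting) used https:// on both sides. Documentation examples get copied into real configurations, so keep the https scheme and gain the missing columns by shortening the host names instead.
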
diff --git a/kas/libcmds.py b/kas/libcmds.py
index 9f43955..95f6422 100644
--- a/kas/libcmds.py
+++ b/kas/libcmds.py
@@ -50,7 +50,7 @@ class Macro:
SetupDir(),
]

- if 'SSH_PRIVATE_KEY' in os.environ:
+ if 'SSH_PRIVATE_KEY' or 'SSH_PRIVATE_KEY_FILE' in os.environ:
self.setup_commands.append(SetupSSHAgent())

self.setup_commands += [
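
Review bot: `'SSH_PRIVATE_KEY' or 'SSH_PRIVATE_KEY_FILE' in os.environ` is carried over unchanged into this revision and still evaluates to the truthy string 'SSH_PRIVATE_KEY' regardless of the environment. Once it is split into two `in` tests, note that membership is also true for a variable that is set but empty, whereas ssh_setup_agent() only adds a key when the value is non-empty; testing os.environ.get(...) in both places would keep the two consistent.
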
@@ -65,7 +65,8 @@ class Macro:
else:
self.setup_commands = []

- if use_common_cleanup and 'SSH_PRIVATE_KEY' in os.environ:
+ if use_common_cleanup and \
+ ('SSH_PRIVATE_KEY' or 'SSH_PRIVATE_KEY_FILE') in os.environ:
self.cleanup_commands = [
CleanupSSHAgent(),
]
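
Review bot: The line continuation fixes the length but not the logic: `('SSH_PRIVATE_KEY' or 'SSH_PRIVATE_KEY_FILE') in os.environ` still tests SSH_PRIVATE_KEY only, so a run configured with SSH_PRIVATE_KEY_FILE alone gets no CleanupSSHAgent(). A parenthesised condition with one `in` test per name removes both the backslash and the bug.
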
diff --git a/kas/libkas.py b/kas/libkas.py
index 939589f..215f80a 100644
--- a/kas/libkas.py
+++ b/kas/libkas.py
@@ -268,6 +268,15 @@ def get_build_environ(build_system):
return env


+def ssh_add_key_file(env, key_path):
+ """
+ Adds an ssh key file to the ssh-agent
+ """
+ with open(key_path) as f:
+ key = f.read()
+ ssh_add_key(env, key)
+
+
def ssh_add_key(env, key):
"""
Adds an ssh key to the ssh-agent
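
Review bot: ssh_add_key_file() lets open(key_path) raise on a missing or unreadable file, so a wrong SSH_PRIVATE_KEY_FILE value propagates as an unhandled exception out of ssh_setup_agent(). Catch OSError there and report the variable name and the path (never the file contents) in the error message.
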
@@ -307,20 +316,32 @@ def ssh_setup_agent(envkeys=None):
+ if found is not True:
+ warning = "None of the following environment keys were set: " + \
+ ", ".join(envkeys)
+ logging.warning(warning)


def ssh_no_host_key_check():
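
Review bot: `if found is not True:` is an identity comparison against a flag that is only ever assigned a bool; `if not found:` says the same thing. The message could also be passed to logging.warning with a %s argument, as the replaced `logging.warning('%s is missing', envkey)` did, instead of being built by string concatenation.
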
--
2.32.0

Jasper Orschulko

Jul 3, 2021, 5:40:05 PM
to jan.k...@siemens.com, kas-...@googlegroups.com, jas...@fancydomain.eu, maciej.p...@3mdeb.com, sam.vr...@gmail.com
Done. FYI, I had to change the example for KAS_PREMIRRORS, so it would
still fit into the 80 columns. Please tell me, if you'd prefer a
different approach.

- --
With best regards

Jasper Orschulko
DevOps Engineer

Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
Jasper.O...@iris-sensing.com

• • • • • • • • • • • • • • • • • • • • • • • • • •

iris-GmbH
infrared & intelligent sensors
Schnellerstraße 1-5 | 12439 Berlin

https://iris-sensing.com/




KAS_PREMIRRORS

Jan Kiszka

Jul 5, 2021, 4:00:37 AM
to Jasper Orschulko, kas-...@googlegroups.com, maciej.p...@3mdeb.com, sam.vr...@gmail.com, Jasper.O...@iris-sensing.com
Thanks, applied.

Jan Kiszka

Jul 10, 2021, 5:42:08 AM
to Jasper Orschulko, kas-...@googlegroups.com, maciej.p...@3mdeb.com, sam.vr...@gmail.com, Jasper.O...@iris-sensing.com
Had to fix this up in next:

    if ('SSH_PRIVATE_KEY' in os.environ
            or 'SSH_PRIVATE_KEY_FILE' in os.environ):

>> self.setup_commands.append(SetupSSHAgent())
>>
>> self.setup_commands += [
>> @@ -65,7 +65,8 @@ class Macro:
>> else:
>> self.setup_commands = []
>>
>> - if use_common_cleanup and 'SSH_PRIVATE_KEY' in os.environ:
>> + if use_common_cleanup and \
>> + ('SSH_PRIVATE_KEY' or 'SSH_PRIVATE_KEY_FILE') in os.environ:

Same here:

    if (use_common_cleanup
            and ('SSH_PRIVATE_KEY' in os.environ
                 or 'SSH_PRIVATE_KEY_FILE' in os.environ)):

Jan
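
The two conditions fixed up in the message above, evaluated side by side with the corrected form; this is an added example, not part of the thread or of kas. The function names and the sample environments are constructed for illustration, and use_common_cleanup is assumed to be true.

```python
# Added illustration, not kas code. The expressions are the ones quoted in
# the thread; function names and sample environments are constructed.

def setup_as_posted(environ):
    # Parses as: 'SSH_PRIVATE_KEY' or ('SSH_PRIVATE_KEY_FILE' in environ).
    # The non-empty literal short-circuits, so environ is never consulted.
    return bool('SSH_PRIVATE_KEY' or 'SSH_PRIVATE_KEY_FILE' in environ)


def cleanup_as_posted(environ, use_common_cleanup=True):
    # ('SSH_PRIVATE_KEY' or 'SSH_PRIVATE_KEY_FILE') is just 'SSH_PRIVATE_KEY',
    # so only that one name is looked up.
    return bool(use_common_cleanup and
                ('SSH_PRIVATE_KEY' or 'SSH_PRIVATE_KEY_FILE') in environ)


def fixed(environ):
    # The form applied in next: one membership test per variable.
    return ('SSH_PRIVATE_KEY' in environ
            or 'SSH_PRIVATE_KEY_FILE' in environ)


# Constructed sample environments (placeholder values, no real key material).
SAMPLE_ENVIRONS = {
    'neither': {},
    'key only': {'SSH_PRIVATE_KEY': '<constructed key text>'},
    'file only': {'SSH_PRIVATE_KEY_FILE': '/constructed/path/id_key'},
    'both': {'SSH_PRIVATE_KEY': '<constructed key text>',
             'SSH_PRIVATE_KEY_FILE': '/constructed/path/id_key'},
}


def audit(environs=SAMPLE_ENVIRONS):
    """Map each case to (setup_as_posted, cleanup_as_posted, fixed)."""
    return {name: (setup_as_posted(env), cleanup_as_posted(env), fixed(env))
            for name, env in environs.items()}


def setup_without_cleanup(environs=SAMPLE_ENVIRONS):
    """Cases where the posted conditions register setup but no cleanup."""
    return [name for name, (setup, cleanup, _) in audit(environs).items()
            if setup and not cleanup]


if __name__ == '__main__':
    print('%-10s %-6s %-8s %s' % ('case', 'setup', 'cleanup', 'fixed'))
    for name, (setup, cleanup, good) in audit().items():
        print('%-10s %-6s %-8s %s' % (name, setup, cleanup, good))
    print('setup without cleanup:', setup_without_cleanup())
```

With the corrected predicate used for both setup and cleanup, the two decisions agree in every case.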

Jasper Orschulko

Jul 10, 2021, 5:44:56 AM
to Jan Kiszka, kas-...@googlegroups.com, maciej.p...@3mdeb.com, sam.vr...@gmail.com, Jasper.O...@iris-sensing.com
Good catch, thanks! :)

On 10 July 2021 11:41:56 CEST, Jan Kiszka <jan.k...@siemens.com> wrote:
On 05.07.21 10:00, Jan Kiszka wrote:
On 03.07.21 23:35, 'Jasper Orschulko' via kas-devel wrote:
In addition to the variable SSH_PRIVATE_KEY, which can be used to
reference a private key saved as a string within a variable (the previous
documentation falsely stated that it references a path and has been
adjusted), the new variable SSH_PRIVATE_KEY_FILE can now be used to reference
the path to a file containing the private key.

Signed-off-by: Jasper Orschulko <jas...@fancydomain.eu>
docs/command-line.rst | 134 +++++++++++++++++++++++-------------------
kas/libcmds.py | 5 +-
kas/libkas.py | 33 +++++++++--
3 files changed, 103 insertions(+), 69 deletions(-)

diff --git a/docs/command-line.rst b/docs/command-line.rst
index 91e4d6f..86f6b7b 100644
--- a/docs/command-line.rst
+++ b/docs/command-line.rst
@@ -10,67 +10,79 @@ Command line usage
Environment variables

--
Sent from my Android device with K-9 Mail. Please excuse my brevity.