/
ssh.go
85 lines (70 loc) · 1.74 KB
/
ssh.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
package ssh
import (
"context"
"github.com/FAU-CDI/wisski-distillery/internal/status"
"github.com/FAU-CDI/wisski-distillery/internal/wisski/ingredient"
"github.com/FAU-CDI/wisski-distillery/internal/wisski/ingredient/barrel"
"github.com/gliderlabs/ssh"
gossh "golang.org/x/crypto/ssh"
)
type SSH struct {
ingredient.Base
Dependencies struct {
Barrel *barrel.Barrel
}
}
var (
_ ingredient.WissKIFetcher = (*SSH)(nil)
)
func (ssh *SSH) Keys(ctx context.Context) (keys []ssh.PublicKey, err error) {
grants, err := ssh.Liquid.Policy.Instance(ctx, ssh.Slug)
if err != nil {
return nil, err
}
// iterate over enabled distillery admin users
for _, grant := range grants {
if !grant.DrupalAdminRole {
continue
}
ukeys, err := ssh.Liquid.Keys.Keys(ctx, grant.User)
if err != nil {
return nil, err
}
for _, ukey := range ukeys {
if pk := ukey.PublicKey(); pk != nil {
keys = append(keys, pk)
}
}
}
// and return the keys!
return keys, nil
}
// AllKeys returns the keys specifically registered to this instance and all the globally registered keys.
func (ssh *SSH) AllKeys(ctx context.Context) (keys []ssh.PublicKey, err error) {
lkeys, err := ssh.Keys(ctx)
if err != nil {
return nil, err
}
gkeys, err := ssh.Liquid.Keys.Admin(ctx)
if err != nil {
return nil, err
}
keys = append(keys, lkeys...)
keys = append(keys, gkeys...)
return keys, nil
}
func (ssh *SSH) Fetch(flags ingredient.FetcherFlags, info *status.WissKI) error {
if flags.Quick {
return nil
}
// add the instance keys
keys, err := ssh.AllKeys(flags.Context)
if err != nil {
return err
}
info.SSHKeys = make([]string, len(keys))
for i, key := range keys {
info.SSHKeys[i] = string(gossh.MarshalAuthorizedKey(key))
}
return nil
}