Add support for SSH environment variables

[guba-deponido]

We have a local overcast repo that includes a shared clusters.json file, so that everyone on the team can receive changes whenever anyone pushes changes to the repo. The issue is that we use individual SSH accounts to access the systems, which requires everyone to update user and ssh_key for each entry after performing a fresh pull.

It would be nice if overcast supported some environment variables that users could set, similar to the DIGITALOCEAN_API_TOKEN var:

overcast vars set OVERCAST_SSH_USER myuser
overcast vars set OVERCAST_SSH_KEY ~/.ssh/myuser_priv

I also wouldn't mind native OS environment variables either

clusters.json could have default user/ssh_key options or not include it at all:

"web-servers": {
    "instances": {
      "web01": {
        "ip": "web01.mydomain.local",
        "name": "web01",
        "ssh_key": "root_key",
        "ssh_port": "22",
        "user": "root"
      },
      "web02": {
        "ip": "web02.mydomain.local",
        "name": "web02",
        "ssh_key": "root_key",
        "ssh_port": "22",
        "user": "root"
      }
    }
  }

Or:

"web-servers": {
    "instances": {
      "web01": {
        "ip": "web01.mydomain.local",
        "name": "web01",
        "ssh_port": "22"
      },
      "web02": {
        "ip": "web02.mydomain.local",
        "name": "web02",
        "ssh_port": "22"
      }
    }
  }

Not sure if this would be the correct place but it could be implemented in src/ssh.js:

function runOnInstance(instance, args, nextFn) {
  const command = args._.shift();
  const vars = utils.getVariables();     // load env vars
  sshExec({
    ip: instance.ip,
    user: args.user || vars.OVERCAST_SSH_USER || instance.user,     // add env var lookup
    password: args.password || instance.password,
    name: instance.name,
    ssh_key: args['ssh-key'] || vars.OVERCAST_SSH_KEY || instance.ssh_key,     // add env var lookup
    ssh_port: instance.ssh_port,
    ssh_args: utils.isString(args['ssh-args']) ? args['ssh-args'] : '',
    continueOnError: args.continueOnError,
    machineReadable: args['mr'] || args['machine-readable'],
    env: args.env,
    command,
    shell_command: args['shell-command']
  }, () => {
    if (args._.length > 0) {
      runOnInstance(instance, args, nextFn);
    } else if (utils.isFunction(nextFn)) {
      nextFn();
    }
  });
}

[andrewchilds]

Hello! Just to clarify, the idea would be everyone has their own variables.json file that is not checked in / ignored by git? I suppose from a Developer Experience perspective, that'd be easier than setting shell env variables. Would you agree?

Note that you can also run overcast ssh my-instance --ssh-key /path/to/my.key, but that would mean needing to append it each time, which would be a drag if you're doing a lot of manual commands.

[guba-deponido]

Hi there! Yes, we have our own variables.json file. The repo is checked out in a folder (depends on developer) and we let the install create the ~/.overcast directory. From there, we remove the default clusters.json and add a symlink to file in our repo.

and I do agree on ignoring variables.json w/git because I would imagine using different AWS access tokens per IAM user too.

I did see the options for passing the user and key via the command line but it does get tedious because we usually are running a lot of manual commands over different groups, whether we're auditing or trying to figure out which server in a pool is having issues when troubleshooting

[andrewchilds]

Hi @guba-deponido, support for OVERCAST_SSH_USER and OVERCAST_SSH_KEY have been added in v2.2.1. Thanks for using Overcast.

[guba-deponido]

Thanks for adding this feature! I've updated and it works great