diff --git a/cfg.sample.toml b/cfg.sample.toml index b9a838ae..2120d461 100644 --- a/cfg.sample.toml +++ b/cfg.sample.toml @@ -20,6 +20,11 @@ app_client_secret = "" #ssh_key = """ #""" +# If you're using local git, you may want to set up a ssh-config +# file specific to github.com, primarily to ensure the host key +# is configured. +# ssh_config_path = "" + # By default, Homu extracts the name+email from the Github account. However, # you may want to use a private email for the account, and associate the commits # with a public email address. diff --git a/homu/git_helper.py b/homu/git_helper.py index 0f70c698..ed59ee3e 100755 --- a/homu/git_helper.py +++ b/homu/git_helper.py @@ -3,11 +3,13 @@ import sys import os -SSH_KEY_FILE = os.path.join(os.path.dirname(__file__), '../cache/key') - def main(): - args = ['ssh', '-i', SSH_KEY_FILE, '-S', 'none'] + sys.argv[1:] + cfgpath = os.environ.get('HOMU_SSH_CONFIG') + args = ['ssh', '-i', os.getenv('HOMU_GIT_KEY_PATH'), '-S', 'none'] + if cfgpath is not None: + args.extend(['-F', cfgpath]) + args.extend(sys.argv[1:]) os.execvp('ssh', args) diff --git a/homu/main.py b/homu/main.py index 4a97ac49..dd8dedb1 100644 --- a/homu/main.py +++ b/homu/main.py @@ -15,8 +15,8 @@ from queue import Queue import os import subprocess -from .git_helper import SSH_KEY_FILE import shlex +import tempfile STATUS_TO_PRIORITY = { 'success': 0, @@ -453,12 +453,6 @@ def init_local_git_cmds(repo_cfg, git_cfg): fpath = 'cache/{}/{}'.format(repo_cfg['owner'], repo_cfg['name']) url = 'git@github.com:{}/{}.git'.format(repo_cfg['owner'], repo_cfg['name']) - if not os.path.exists(SSH_KEY_FILE): - os.makedirs(os.path.dirname(SSH_KEY_FILE), exist_ok=True) - with open(SSH_KEY_FILE, 'w') as fp: - fp.write(git_cfg['ssh_key']) - os.chmod(SSH_KEY_FILE, 0o600) - if not os.path.exists(fpath): utils.logged_call(['git', 'init', fpath]) utils.logged_call(['git', '-C', fpath, 'remote', 'add', 'origin', url]) 
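Review bot: In homu/git_helper.py, `os.getenv('HOMU_GIT_KEY_PATH')` goes straight into the argv list, so when the variable is unset the list contains `None` and `os.execvp` raises a TypeError rather than reporting a configuration problem. main.py appears to export the variable only when `local_git` is enabled, while `GIT_SSH` is set regardless. Read the value first and fail clearly, e.g. `key = os.environ.get('HOMU_GIT_KEY_PATH')` followed by `if not key: sys.exit('HOMU_GIT_KEY_PATH is not set')`. The config path has the same gap: the sample file shows `ssh_config_path = ""`, and an empty string passes both `if cfgpath is not None:` here and `if sshcfg is not None:` in main.py, ending up as `-F ''`. Testing truthiness (`if cfgpath:` / `if sshcfg:`) would skip it.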
@@ -488,7 +482,6 @@ def create_merge(state, repo_cfg, branch, git_cfg, ensure_merge_equal=False): desc = 'Merge conflict' if git_cfg['local_git']: - git_cmd = init_local_git_cmds(repo_cfg, git_cfg) utils.logged_call(git_cmd('fetch', 'origin', state.base_ref, @@ -959,7 +952,8 @@ def fetch_mergeability(mergeable_que): mergeable_que.task_done() -def check_timeout(states, queue_handler): +def check_timeout(states, queue_handler, tmp_ssh_key): + # This function holds a reference to tmp_ssh_key to keep it alive while True: try: for repo_label, repo_states in states.items(): @@ -1239,13 +1233,23 @@ def queue_handler(): return process_queue(states, repos, repo_cfgs, logger, buildbot_slots, db, git_cfg) os.environ['GIT_SSH'] = os.path.join(os.path.dirname(__file__), 'git_helper.py') + sshcfg = cfg_git.get('ssh_config_path') + if sshcfg is not None: + os.environ['HOMU_SSH_CONFIG'] = sshcfg os.environ['GIT_EDITOR'] = 'cat' + tmp_ssh_key = None + if git_cfg['local_git']: + tmp_ssh_key = tempfile.NamedTemporaryFile(prefix='homu-sshkey') + tmp_ssh_key.write(git_cfg['ssh_key'].encode('utf-8')) + tmp_ssh_key.flush() + os.environ['HOMU_GIT_KEY_PATH'] = tmp_ssh_key.name + from . import server Thread(target=server.start, args=[cfg, states, queue_handler, repo_cfgs, repos, logger, buildbot_slots, my_username, db, repo_labels, mergeable_que, gh]).start() Thread(target=fetch_mergeability, args=[mergeable_que]).start() - Thread(target=check_timeout, args=[states, queue_handler]).start() + Thread(target=check_timeout, args=[states, queue_handler, tmp_ssh_key]).start() queue_handler()
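Review bot: Passing `tmp_ssh_key` into `check_timeout` only so the thread holds a reference ties the private key file's lifetime to an unrelated loop. If that `while True` ever exits and no other reference remains, the NamedTemporaryFile is closed and deleted, and later ssh calls through git_helper.py would fail on a missing identity file. A holder whose purpose is explicit would be easier to audit, for example a module-level `_ssh_key_file = tmp_ssh_key` assigned where the file is created, leaving `check_timeout(states, queue_handler)` unchanged. If the parameter stays, the comment should say what breaks when the reference is dropped, e.g. `# tmp_ssh_key is deleted from disk once garbage-collected; GIT_SSH needs it for the life of the process`. The body of check_timeout continues outside this hunk.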
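Review bot: The block that materialises the key writes `git_cfg['ssh_key']` to the temporary file without checking that it is non-empty, so with `local_git` enabled and no key configured an empty identity file is handed to `ssh -i`. The failure then surfaces only later as a git authentication error, and depending on the environment ssh may go on to offer other identities available to the process (agent or default keys), which is probably not intended for a bot account. Failing at startup is clearer, e.g. `if not git_cfg['ssh_key'].strip(): raise RuntimeError('git.ssh_key is required when local_git is enabled')` before the file is created. It is also worth a comment that the file is created with owner-only permissions by tempfile and that only its path, not the key, is exported through `HOMU_GIT_KEY_PATH`.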