Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F87540
D7697.diff
All Users
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
3 KB
Referenced Files
None
Subscribers
None
D7697.diff
View Options
diff --git a/src/applications/drydock/blueprint/DrydockPreallocatedHostBlueprintImplementation.php b/src/applications/drydock/blueprint/DrydockPreallocatedHostBlueprintImplementation.php
--- a/src/applications/drydock/blueprint/DrydockPreallocatedHostBlueprintImplementation.php
+++ b/src/applications/drydock/blueprint/DrydockPreallocatedHostBlueprintImplementation.php
@@ -41,12 +41,12 @@
// we have all the information we need.
PhutilTypeSpec::checkMap(
$resource->getAttributesForTypeSpec(
- array('platform', 'host', 'port', 'user', 'path')),
+ array('platform', 'host', 'port', 'credential', 'path')),
array(
'platform' => 'string',
'host' => 'string',
'port' => 'string', // Value is a string from the command line
- 'user' => 'string',
+ 'credential' => 'string',
'path' => 'string',
));
$v_platform = $resource->getAttribute('platform');
@@ -103,8 +103,7 @@
->setConfiguration(array(
'host' => $resource->getAttribute('host'),
'port' => $resource->getAttribute('port'),
- 'user' => $resource->getAttribute('user'),
- 'ssh-keyfile' => $resource->getAttribute('ssh-keyfile'),
+ 'credential' => $resource->getAttribute('credential'),
'platform' => $resource->getAttribute('platform')));
}
diff --git a/src/applications/drydock/interface/command/DrydockSSHCommandInterface.php b/src/applications/drydock/interface/command/DrydockSSHCommandInterface.php
--- a/src/applications/drydock/interface/command/DrydockSSHCommandInterface.php
+++ b/src/applications/drydock/interface/command/DrydockSSHCommandInterface.php
@@ -22,23 +22,31 @@
// NOTE: The "-t -t" is for psuedo-tty allocation so we can "sudo" on some
// systems, but maybe more trouble than it's worth?
- $keyfile = $this->getConfig('ssh-keyfile');
- if (!empty($keyfile)) {
- return new ExecFuture(
- 'ssh -t -t -o StrictHostKeyChecking=no -p %s -i %s %s@%s -- %s',
- $this->getConfig('port'),
- $this->getConfig('ssh-keyfile'),
- $this->getConfig('user'),
- $this->getConfig('host'),
- $full_command);
- } else {
- return new ExecFuture(
- 'ssh -t -t -o StrictHostKeyChecking=no -p %s %s@%s -- %s',
- $this->getConfig('port'),
- $this->getConfig('user'),
- $this->getConfig('host'),
- $full_command);
+ $credential = id(new PassphraseCredentialQuery())
+ ->setViewer(PhabricatorUser::getOmnipotentUser())
+ ->withIDs(array($this->getConfig('credential')))
+ ->needSecrets(true)
+ ->executeOne();
+
+ // FIXME: We can't use text-based SSH files here because the TempFile goes
+ // out of scope after this function ends and thus the file gets removed
+ // before it can be used.
+ if ($credential->getCredentialType() !==
+ PassphraseCredentialTypeSSHPrivateKeyFile::CREDENTIAL_TYPE) {
+ throw new Exception("Only private key file credentials are supported.");
}
+
+ $ssh_key = PassphraseSSHKey::loadFromPHID(
+ $credential->getPHID(),
+ PhabricatorUser::getOmnipotentUser());
+
+ return new ExecFuture(
+ 'ssh -t -t -o StrictHostKeyChecking=no -p %s -i %s %s@%s -- %s',
+ $this->getConfig('port'),
+ $ssh_key->getKeyfileEnvelope()->openEnvelope(),
+ $credential->getUsername(),
+ $this->getConfig('host'),
+ $full_command);
}
}
File Metadata
Details
Attached
Mime Type
text/x-diff
Storage Engine
amazon-s3
Storage Format
Raw Data
Storage Handle
phabricator/ka/24/76okjc6kvtf2ugz3
Default Alt Text
D7697.diff (3 KB)
Attached To
Mode
D7697: Update preallocated hosts to use Passphrase credentials
Attached
Detach File
Event Timeline
Log In to Comment