From 7ad49a87c5fea6946aa90da6b1fadb25081cf4b5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20Dost=C3=A1l?=
Date: Fri, 1 Mar 2024 08:48:37 +0100
Subject: [PATCH] Continue fix the ed25519 keys in Public Cloud
---
 data/publiccloud/ssh_config | 1 +
 lib/publiccloud/provider.pm | 8 ++++----
 lib/publiccloud/utils.pm | 13 +++++--------
 lib/sles4sap_publiccloud_basetest.pm | 1 -
 4 files changed, 10 insertions(+), 13 deletions(-)
diff --git a/data/publiccloud/ssh_config b/data/publiccloud/ssh_config
index 693a5c5c1383..83cb44f0e4b5 100644
--- a/data/publiccloud/ssh_config
+++ b/data/publiccloud/ssh_config
@@ -1,6 +1,7 @@
 ControlMaster auto
 ControlPath /tmp/ssh_%r_%h_%p
 StrictHostKeyChecking no
+HostKeyAlgorithms +ssh-rsa
 IdentityFile %SSH_KEY%
 ControlPersist 86400
diff --git a/lib/publiccloud/provider.pm b/lib/publiccloud/provider.pm
index c943b586796c..fb7ef0e36ef9 100644
--- a/lib/publiccloud/provider.pm
+++ b/lib/publiccloud/provider.pm
@@ -13,7 +13,7 @@ use Mojo::Base -base;
 use publiccloud::instance;
 use publiccloud::instances;
 use publiccloud::ssh_interactive 'select_host_console';
-use publiccloud::utils qw(is_azure is_gce is_ec2 is_hardened get_ssh_key_algorithm);
+use publiccloud::utils qw(is_azure is_gce is_ec2 is_hardened get_ssh_private_key_path);
 use Carp;
 use List::Util qw(max);
 use Data::Dumper;
@@ -31,7 +31,7 @@ has terraform_applied => 0;
 has resource_name => sub { get_var('PUBLIC_CLOUD_RESOURCE_NAME', 'openqa-vm') };
 has provider_client => undef;
-has ssh_key => get_ssh_key_file_name();
+has ssh_key => get_ssh_private_key_path();
 =head1 METHODS
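Review bot: `HostKeyAlgorithms +ssh-rsa` is added at the top level of the file, above any `Host` block, so SHA-1 RSA host-key signatures are accepted again for every host this client config is used with, next to `StrictHostKeyChecking no`, which already switches off host-key verification. The option governs the server's host key, not the client identity named in `IdentityFile`; if the aim was to keep an RSA user key working, `PubkeyAcceptedAlgorithms +ssh-rsa` is the setting that applies, so it is worth confirming which one the failing connection actually needed. Either way a comment such as `# ssh-rsa (SHA-1) re-enabled for <provider/image placeholder>; drop once images offer rsa-sha2 or ed25519 host keys` would record why the weaker algorithm is allowed.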
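Review bot: In the second provider.pm hunk, `has ssh_key => get_ssh_private_key_path();` calls the helper once, while the module is being loaded, so the `is_azure()` / `get_var('PUBLIC_CLOUD_SLES4SAP')` decision is fixed at that moment and shared by every provider object. The `resource_name` attribute two lines above uses a `sub { ... }` default that is evaluated per object; writing `has ssh_key => sub { get_ssh_private_key_path() };` would match it and remove the dependency on the test variables being set before this file is compiled.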
@@ -197,9 +197,9 @@ sub run_img_proof {
 $cmd .= '--service-account-file "' . $args{credentials_file} . '" ' if ($args{credentials_file});
 #TODO: this if is just dirty hack which needs to be replaced with something more sane ASAP.
 $cmd .= '--access-key-id $AWS_ACCESS_KEY_ID --secret-access-key $AWS_SECRET_ACCESS_KEY ' if (is_ec2());
- $cmd .= "--ssh-key-name '" . $args{key_name} . "' " if ($args{key_name});
+ $cmd .= '--ssh-key-name $(realpath ' . $args{key_name} . ') ' if ($args{key_name});
 $cmd .= '-u ' . $args{user} . ' ' if ($args{user});
- $cmd .= '--ssh-private-key-file "' . $self->ssh_key . '" ';
+ $cmd .= '--ssh-private-key-file $(realpath ' . $self->ssh_key . ') ';
 $cmd .= '--running-instance-id "' . ($args{running_instance_id} // $args{instance}->instance_id) . '" ';
 $cmd .= "--beta " if ($beta);
 if ($exclude) {
diff --git a/lib/publiccloud/utils.pm b/lib/publiccloud/utils.pm
index b06de89afbf1..7eb98d6dc3c0 100644
--- a/lib/publiccloud/utils.pm
+++ b/lib/publiccloud/utils.pm
@@ -43,7 +43,7 @@ our @EXPORT = qw(
 register_openstack
 register_addons_in_pc
 gcloud_install
- get_ssh_key_algorithm
+ get_ssh_private_key_path
 prepare_ssh_tunnel
 kill_packagekit
 allow_openqa_port_selinux
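Review bot: Both rewritten options in run_img_proof splice a Perl value into an unquoted `$(realpath ...)` command substitution, where the removed lines wrapped the value in quotes, so `$args{key_name}` and `$self->ssh_key` are now parsed by the shell as written and the substitution's output undergoes word splitting and globbing. The inner argument has to stay unquoted for `~` to expand, but the result can still be quoted, e.g. `$cmd .= '--ssh-private-key-file "$(realpath ' . $self->ssh_key . ')" ';`, and `key_name`, which arrives through the caller's `%args`, should be matched against a strict pattern before it is appended to the command string. It is also worth confirming that `--ssh-key-name` takes a path at all: if it is a key-pair name, `realpath` will turn it into an absolute path under the current directory. The body of run_img_proof starts and ends outside this hunk.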
@@ -255,20 +255,17 @@ sub gcloud_install {
 record_info('GCE', script_output('gcloud version'));
 }
-sub get_ssh_key_file_name {
- my $algorithm = '~/.ssh/id_ed25519';
- $algorithm = '~/.ssh/id_rsa' if (is_azure() || get_var('PUBLIC_CLOUD_SLES4SAP'));
- return $algorithm;
+sub get_ssh_private_key_path {
+ return (is_azure() || get_var('PUBLIC_CLOUD_SLES4SAP')) ? '~/.ssh/id_rsa' : '~/.ssh/id_ed25519';
 }
 sub prepare_ssh_tunnel {
- my ($instance, $ssh_key) = @_;
- $ssh_key //= '~/.ssh/id_rsa';
+ my ($instance) = @_;
 # configure ssh client
 my $ssh_config_url = data_url('publiccloud/ssh_config');
 assert_script_run("curl $ssh_config_url -o ~/.ssh/config");
- file_content_replace("~/.ssh/config", "%SSH_KEY%" => $ssh_key);
+ file_content_replace("~/.ssh/config", "%SSH_KEY%" => get_ssh_private_key_path());
 # Create the ssh alias
 assert_script_run(sprintf(q(echo -e 'Host sut\n Hostname %s' >> ~/.ssh/config), $instance->public_ip));
diff --git a/lib/sles4sap_publiccloud_basetest.pm b/lib/sles4sap_publiccloud_basetest.pm
index f588efcbb91b..2ae6b9d2350e 100644
--- a/lib/sles4sap_publiccloud_basetest.pm
+++ b/lib/sles4sap_publiccloud_basetest.pm
@@ -15,7 +15,6 @@ use Exporter 'import';
 use testapi;
 use qesapdeployment;
 use sles4sap_publiccloud;
-use publiccloud::utils;
 our @EXPORT = qw(cleanup import_context);
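Review bot: `prepare_ssh_tunnel` now unpacks only `$instance`, so any caller that still passes a key path as the second argument (none are visible in this patch) has it dropped silently, and the fallback identity changes from `~/.ssh/id_rsa` to whatever `get_ssh_private_key_path()` selects. A guard such as `die 'prepare_ssh_tunnel takes only the instance' if @_ > 1;` ahead of the unpacking would surface stale call sites instead of connecting with an unexpected key. The newly exported helper also has no POD; a short `=head2 get_ssh_private_key_path` entry should state that it returns `~/.ssh/id_rsa` on Azure or when PUBLIC_CLOUD_SLES4SAP is set and `~/.ssh/id_ed25519` otherwise, and that the `~` is left for the consumer to expand. prepare_ssh_tunnel continues past the end of the hunk.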