serverless-python-requirements
serverless-python-requirements copied to clipboard
Mount the entire user SSH directory into build container
This enables the user to use an key file format (RSA, ED25519, ...). Additionally, it allows more complex workflows (such as different SSH keys for specfic sites, such as Github or Bitbucket), since the .ssh/config file is also mounted into the container.
Fixes https://github.com/UnitedIncome/serverless-python-requirements/issues/488
Adding some tests sounds like a good idea, however I'm not very experienced with JS tests. Basically what I would do is the following:
- create a file in ~/.ssh/id_foobar
- run sls with dockerizePip option
- check if the file is mounted inside the docker container
@miketheman Hey, I tried adding a test, but I'm not sure why the test does not produce a ZIP file (and subsequently fails). Could you look into it?
@miketheman After a few more attempts I got it working. Could you review the PR again when you find the time? Thanks.
Since there hasn't been any activity on the github actions PR for a two weeks now, could we merge this one in anyway?
@jacksgt I was looking at that merge conflict, I could sort of resolve that through the editor, but I'm just as likely to screw it up. You just need to make sure your new test is present and is async, and as soon as you can do that we can merge this.
@bsamuel-ui Hey, thanks for getting back on this one and keeping the project going!
I rebased on master, but now the test is failing with a git error code that seems to indicate there is no public/private ssh key present on the host machine. Since the testcase worked on the old CI, I assume that something changed in the setup. Any idea how to fix this?
Seeing a bunch of issues here that aren't in other branches. I'm going to take some time to dig into it on Tuesday per #550
Hey, having this issue as well. Is this going to be merged at some point? also, is there any workaround for this? Thanks a lot for the hard work.
EDIT Tried to Workaround by simply creating an id_rsa key and attaching as a new key to github. https://docs.github.com/en/github/authenticating-to-github/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent
ssh-keygen -t rsa -b 4096 -C "[email protected]"
But having the same issue. So this does not solve the problem :(
Any move with this? Something I can help with to have this eligible for merge? This is the current source code:
// Mount necessary ssh files to work with private repos
if (options.dockerSsh) {
// Mount necessary ssh files to work with private repos
dockerCmd.push(
'-v',
`${process.env.HOME}/.ssh/id_rsa:/root/.ssh/id_rsa:z`,
'-v',
`${process.env.HOME}/.ssh/known_hosts:/root/.ssh/known_hosts:z`,
'-v',
`${process.env.SSH_AUTH_SOCK}:/tmp/ssh_sock:z`,
'-e',
'SSH_AUTH_SOCK=/tmp/ssh_sock'
);
}
RSA keys are considered legacy, I don't think it's reasonable to continue expecting (or forcing, pretty much) this format.
EDIT Tried to Workaround by simply creating an id_rsa key and attaching as a new key to github. https://docs.github.com/en/github/authenticating-to-github/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent But having the same issue. So this does not solve the problem :(
Creating a new RSA key and registering it to my GH account worked for me.
Hey @martinezpl - this PR has been dead for a long time - if you'd like to take over and propose a new one, feel free to do so 💯
Hey @jacksgt - it's been a long time since this PR was proposed. I'm going to close it, if you feel like the issue is valid, please open a new issue or a new PR against the latest main branch. Thanks 🙇