[PATCH v3 compass-ci 2/4] assign-account: add new option for ssh key

add -r|--gen-sshkey option for answerback-email [why] enable one click login testbox from jumper server [how] add -r|--rsa-key option to enable generate private/public key on jumper server register the public key to es Signed-off-by: Luan Shengde <shdluan@163.com> --- container/assign-account/answerback-email.rb | 77 ++++++++++---------- 1 file changed, 38 insertions(+), 39 deletions(-) diff --git a/container/assign-account/answerback-email.rb b/container/assign-account/answerback-email.rb index 686a327..39091c7 100755 --- a/container/assign-account/answerback-email.rb +++ b/container/assign-account/answerback-email.rb @@ -7,12 +7,23 @@ # samba mount # ssh logshn (huawei, ) (install pubkey / send password) +# 1) external user: email apply => mail robot +# 2) ./answerback-email: huawei user: cli apply +# => params +# => REST api (params different) +# => robot email notify + +# user_type: +# apply_from: mail/cli +# allow_login: + require 'json' require 'mail' require 'set' require 'optparse' require_relative '../defconfig' require_relative '../../lib/es_client' +require_relative 'send-account-email' names = Set.new %w[ JUMPER_HOST @@ -31,17 +42,18 @@ SEND_MAIL_PORT = defaults['SEND_MAIL_PORT'] || 49000 my_info = { 'my_email' => nil, 'my_name' => nil, + 'my_commit_url' => nil, 'my_uuid' => %x(uuidgen).chomp, - 'my_ssh_pubkey' => nil + 'my_ssh_pubkey' => [], + 'gen_sshkey' => false } -def init_info(email_file, my_info) - mail_content = Mail.read(email_file) +def init_info(mail_content, my_info) my_info['my_email'] = mail_content.from[0] my_info['my_name'] = mail_content.From.unparsed_value.gsub(/ <[^<>]*>/, '') - my_info['my_ssh_pubkey'] = if mail_content.part[1].filename == 'id_rsa.pub' - mail_content.part[1].body.decoded - end + my_info['my_ssh_pubkey'] << if mail_content.part[1].filename == 'id_rsa.pub' + mail_content.part[1].body.decoded + end end options = OptionParser.new do |opts| 
@@ -55,17 +67,23 @@ options = OptionParser.new do |opts| opts.on('-e email_address', '--email email_address', 'appoint email address') do |email_address| my_info['my_email'] = email_address - # when apply account with email address, will get no user name + # when apply account with email address, will get no user name and commit url my_info['my_name'] = '' + my_info['my_commit_url'] = '' end opts.on('-s pub_key_file', '--ssh-pubkey pub_key_file', \ 'ssh pub_key file, enable password-less login') do |pub_key_file| - my_info['my_ssh_pubkey'] = File.read(pub_key_file) + my_info['my_ssh_pubkey'] << File.read(pub_key_file).chomp end opts.on('-f email_file', '--raw-email email_file', 'email file') do |email_file| - init_info(email_file, my_info) + mail_content = Mail.read(email_file) + init_info(mail_content, my_info) + end + + opts.on('-g', '--gen-sshkey', 'generate jumper ras public/private key and return pubkey') do + my_info['gen_sshkey'] = true end opts.on_tail('-h', '--help', 'show this message') do @@ -76,32 +94,6 @@ end options.parse!(ARGV) -def build_message(email, account_info) - message = <<~EMAIL_MESSAGE - To: #{email} - Subject: [compass-ci] jumper account is ready - - Dear user: - - Thank you for joining us. - You can use the following command to login the jumper server: - - Login command: - ssh -p #{account_info['jumper_port']} #{account_info['my_login_name']}@#{account_info['jumper_host']} - - Account password: - #{account_info['my_password']} - - Suggest: - If you use the password to login, change it in time. - - regards - compass-ci - EMAIL_MESSAGE - - return message -end - def apply_account(my_info) account_info_str = %x(curl -XGET '#{JUMPER_HOST}:#{JUMPER_PORT}/assign_account' -d '#{my_info.to_json}') JSON.parse account_info_str 
@@ -114,12 +106,19 @@ def send_account(my_info) raise message if my_info['my_email'].nil? account_info = apply_account(my_info) - # for manually assign account, there will be no my_commit_url - # but the key my_commit_url is required for es - my_info['my_commit_url'] = '' my_info['my_login_name'] = account_info['my_login_name'] - my_info.delete 'my_ssh_pubkey' + + unless account_info['my_jumper_pubkey'].nil? + my_info['my_ssh_pubkey'] << account_info['my_jumper_pubkey'].chomp + end + + my_info.delete 'gen_sshkey' store_account_info(my_info) + + send_mail(my_info, account_info) +end + +def send_mail(my_info, account_info) message = build_message(my_info['my_email'], account_info) %x(curl -XPOST '#{SEND_MAIL_HOST}:#{SEND_MAIL_PORT}/send_mail_text' -d "#{message}") -- 2.23.0
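Review bot: in the init_info hunk (@@ -31,17 +42,18 @@), my_info['my_ssh_pubkey'] << if ... end appends nil to the array whenever part[1] is not named 'id_rsa.pub', because an if without a matching branch evaluates to nil. Put the append inside the condition so nothing is pushed when there is no key. The code also indexes part[1] unconditionally and decides by filename only; the array is later serialized with my_info.to_json and kept for store_account_info, so check that the decoded body is a single public-key line before appending it.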
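Review bot: in the option hunk (@@ -55,17 +67,23 @@), -s appends File.read(pub_key_file).chomp to my_ssh_pubkey without checking what the file contains, so a private key file or a multi-line file passed by mistake is sent to the account service and stored as is. Validate that the content is one public-key line and fail with a clear message otherwise. The help text for -g says "ras" where "rsa" is meant, and the commit message still names the option -r|--rsa-key while the code registers -g|--gen-sshkey.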
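Review bot: the hunk at @@ -76,32 +94,6 @@ deletes build_message, but send_mail in the last hunk still calls build_message(my_info['my_email'], account_info), so this file now relies on the new require_relative 'send-account-email' to define it with the same two arguments. That file is not part of this patch; make sure the patch that adds it comes earlier in the series so each commit runs on its own, and say in the commit message that the template moved.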
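Review bot: in the send_account hunk (@@ -114,12 +106,19 @@), send_mail builds a shell command with -d "#{message}", and the apply_account context line does the same with -d '#{my_info.to_json}'; with this patch my_info also carries public-key text read from a file or a mail attachment, so a quote character in that data changes the command line that %x() hands to the shell. Send both requests with Net::HTTP, or run curl without a shell and pass the body on stdin. Separately, my_info.delete 'gen_sshkey' runs after apply_account, which is right for the request, but a short comment that the flag is request-only and must not reach store_account_info would help the next reader.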

On Fri, Nov 13, 2020 at 10:00:48AM +0800, Wu Fengguang wrote:
On Thu, Nov 12, 2020 at 07:09:19PM +0800, Luan Shengde wrote:
add -r|--gen-sshkey option for answerback-email
-r => -g
add -r|--rsa-key option to enable generate private/public key on jumper server register the public key to es
-g|--gen-sshkey
I will fix it Thanks, Luan Shengde
Thanks, Fengguang

On Fri, Nov 13, 2020 at 10:01:49AM +0800, Wu Fengguang wrote:
+ my_info['my_ssh_pubkey'] << if mail_content.part[1].filename == 'id_rsa.pub' + mail_content.part[1].body.decoded + end
Will that add nil to the array?
this is a bug, style as below will fix it

    if mail_content.part[1].filename == 'id_rsa.pub'
      my_info['my_ssh_pubkey'] << mail_content.part[1].body.decoded
    end

Thanks, Luan Shengde
Thanks, Fengguang

On Fri, Nov 13, 2020 at 10:14:29AM +0800, Luan Shengde wrote:
On Fri, Nov 13, 2020 at 10:01:49AM +0800, Wu Fengguang wrote:
+ my_info['my_ssh_pubkey'] << if mail_content.part[1].filename == 'id_rsa.pub' + mail_content.part[1].body.decoded + end
Will that add nil to the array?
this is a bug, style as below will fix it if mail_content.part[1].filename == 'id_rsa.pub'
It's not necessarily named id_rsa.pub
my_info['my_ssh_pubkey'] << mail_content.part[1].body.decoded end
Thanks, Luan Shengde
Thanks, Fengguang

On Fri, Nov 13, 2020 at 10:19:28AM +0800, Wu Fengguang wrote:
On Fri, Nov 13, 2020 at 10:14:29AM +0800, Luan Shengde wrote:
On Fri, Nov 13, 2020 at 10:01:49AM +0800, Wu Fengguang wrote:
+ my_info['my_ssh_pubkey'] << if mail_content.part[1].filename == 'id_rsa.pub' + mail_content.part[1].body.decoded + end
Will that add nil to the array?
this is a bug, style as below will fix it if mail_content.part[1].filename == 'id_rsa.pub'
It's not necessarily named id_rsa.pub
then how can I determine whether the attachment is a pubkey? Thanks, Luan Shengde
my_info['my_ssh_pubkey'] << mail_content.part[1].body.decoded end
Thanks, Luan Shengde
Thanks, Fengguang

On Fri, Nov 13, 2020 at 10:27:49AM +0800, Luan Shengde wrote:
On Fri, Nov 13, 2020 at 10:19:28AM +0800, Wu Fengguang wrote:
On Fri, Nov 13, 2020 at 10:14:29AM +0800, Luan Shengde wrote:
On Fri, Nov 13, 2020 at 10:01:49AM +0800, Wu Fengguang wrote:
+ my_info['my_ssh_pubkey'] << if mail_content.part[1].filename == 'id_rsa.pub' + mail_content.part[1].body.decoded + end
Will that add nil to the array?
this is a bug, style as below will fix it if mail_content.part[1].filename == 'id_rsa.pub'
It's not necessarily named id_rsa.pub
then how can I determine whether the attachment is a pubkey?
/^id_.*\.pub$/ will be a good pattern to match. Thanks, Fengguang
my_info['my_ssh_pubkey'] << mail_content.part[1].body.decoded end
Thanks, Luan Shengde
Thanks, Fengguang

It's not necessarily named id_rsa.pub
then how can I determine whether the attachment is a pubkey?
/^id_.*\.pub$/ will be a good pattern to match.
OK, I will use it Thanks, Luan Shengde
Thanks, Fengguang
my_info['my_ssh_pubkey'] << mail_content.part[1].body.decoded end
Thanks, Luan Shengde
Thanks, Fengguang

Will that add nil to the array?
this is a bug, style as below will fix it if mail_content.part[1].filename == 'id_rsa.pub'
It's not necessarily named id_rsa.pub
I will just check if the email file has an attachment, and use attachment[0] as the pub_key file. Thanks, Luan Shengde
my_info['my_ssh_pubkey'] << mail_content.part[1].body.decoded end
Thanks, Luan Shengde
Thanks, Fengguang
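
The thread above weighs a filename pattern against taking the first attachment; either way the attachment body ends up in my_ssh_pubkey. The following is an added example, not part of the thread or of compass-ci, that decides by content instead of by name. parse_ssh_pubkey, pubkeys_from_attachments, the allowed-type list and the sample data are assumptions of this example.

```ruby
require 'base64'

# Key types this example accepts (an assumed policy, not from the thread).
ALLOWED_KEY_TYPES = %w[ssh-ed25519 ssh-rsa ecdsa-sha2-nistp256].freeze

# Return a normalized "type base64 [comment]" line when +text+ is exactly one
# well-formed OpenSSH public key, otherwise nil.
def parse_ssh_pubkey(text)
  lines = text.to_s.lines.map(&:strip).reject(&:empty?)
  return nil unless lines.size == 1 # a single key line, nothing else

  type, b64, comment = lines[0].split(' ', 3)
  # A leading options field (e.g. "no-pty ssh-rsa ...") fails this check too.
  return nil unless ALLOWED_KEY_TYPES.include?(type) && b64

  blob = begin
    Base64.strict_decode64(b64)
  rescue ArgumentError
    return nil
  end
  # The decoded blob starts with a 4-byte big-endian length and the key type.
  len = blob.unpack1('N')
  return nil unless len == type.bytesize && blob.byteslice(4, len) == type

  # Keep the comment only if it is short and made of harmless characters.
  comment = comment.to_s[/\A[\w.@+-]{1,64}\z/]
  [type, b64, comment].compact.join(' ')
end

# attachments: [filename, decoded_body] pairs, a stand-in for parsed mail
# parts. The filename is ignored on purpose.
def pubkeys_from_attachments(attachments)
  attachments.map { |_name, body| parse_ssh_pubkey(body) }.compact
end

# Constructed sample data: correct framing, but not a real key.
def sample_blob(type)
  Base64.strict_encode64([type.bytesize].pack('N') + type + [32].pack('N') + "\0" * 32)
end

SAMPLE_ATTACHMENTS = [
  ['id_rsa.pub', 'not a key at all'],
  ['mykey.txt', "ssh-ed25519 #{sample_blob('ssh-ed25519')} user@example\n"],
  ['id_ed25519.pub', "no-pty ssh-ed25519 #{sample_blob('ssh-ed25519')}"],
  ['id_x.pub', "ssh-rsa #{sample_blob('ssh-ed25519')} mismatch"]
].freeze
```

Only the second sample passes: its name matches neither id_rsa.pub nor /^id_.*\.pub$/, while the three files with key-like names are rejected on content.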

On Thu, Nov 12, 2020 at 07:09:19PM +0800, Luan Shengde wrote:
add -r|--gen-sshkey option for answerback-email
[why] enable one click login testbox from jumper server
[how] add -r|--rsa-key option to enable generate private/public key on jumper server register the public key to es
Signed-off-by: Luan Shengde <shdluan@163.com> --- container/assign-account/answerback-email.rb | 77 ++++++++++---------- 1 file changed, 38 insertions(+), 39 deletions(-)
diff --git a/container/assign-account/answerback-email.rb b/container/assign-account/answerback-email.rb index 686a327..39091c7 100755 --- a/container/assign-account/answerback-email.rb +++ b/container/assign-account/answerback-email.rb @@ -7,12 +7,23 @@ # samba mount # ssh logshn (huawei, ) (install pubkey / send password)
+# 1) external user: email apply => mail robot +# 2) ./answerback-email: huawei user: cli apply
Please remove "huawei user". Fundamentally, it's only about where the params come from -- email or CLI tool. 1) 2) => entry1/entry2 Thanks, Fengguang

# samba mount # ssh logshn (huawei, ) (install pubkey / send password)
+# 1) external user: email apply => mail robot +# 2) ./answerback-email: huawei user: cli apply
Please remove "huawei user". Fundamentally, it's only about where the params come from -- email or CLI tool.
1) 2) => entry1/entry2
ok, I will update it Thanks, Luan Shengde
Thanks, Fengguang

On Fri, Nov 13, 2020 at 10:12:54AM +0800, Luan Shengde wrote:
# samba mount # ssh logshn (huawei, ) (install pubkey / send password)
+# 1) external user: email apply => mail robot +# 2) ./answerback-email: huawei user: cli apply
Please remove "huawei user". Fundamentally, it's only about where the params come from -- email or CLI tool.
1) 2) => entry1/entry2
ok, I will update it
OK. entry point 1) entry point 2) Thanks, Fengguang