[PATCH v3 compass-ci 3/4] assign-account: generate rsa keys - Compass-ci

12 Nov 2020

generate rsa private/public key and return public key on jumper server
[why]
     register the public key on testbox
     enable user one click to login in the testbox
[how]
     generate rsa private/public key for user on jumper server
     return and register the public key to es
Signed-off-by: Luan Shengde shdluan@163.com
---
 container/assign-account/get_account_info.rb | 43 +++++++++++---------
 1 file changed, 24 insertions(+), 19 deletions(-)

diff --git a/container/assign-account/get_account_info.rb b/container/assign-account/get_account_info.rb
index 137f5c6..9cf6044 100755
--- a/container/assign-account/get_account_info.rb
+++ b/container/assign-account/get_account_info.rb
@@ -34,12 +34,13 @@ setup_jumper_account_info
   read_jumper_info
   config_default_yaml
   config_authorized_key
+  generate_ssh_key
the returned data for setup_jumper_account_info like:
 {
-  "account" => "guest",
-  "passwd" => "Use pub_key to login",
-  "jumper_ip" => "10.10.10.10",
+  "my_login_name" => "test_user",
+  "password" => "Use pub_key to login",
+  "jumper_host" => "0.0.0.0",
   "jumper_port" => "10000"
 }
@@ -94,30 +95,35 @@ class AccountStorage
   end
def setup_jumper_account_info
-    account_info = read_account_info
-    jumper_info = read_jumper_info
-    pub_key = @data['my_ssh_pubkey'] unless @data['my_ssh_pubkey'].nil?
+    login_name, password = read_account_info
+    jumper_host, jumper_port = read_jumper_info
+    pub_key = @data['my_ssh_pubkey'][0]
-    login_name    = account_info[0]
-    password      = if pub_key.nil?
-                      account_info[1]
-                    else
-                      'Use pub_key to login'
-                    end
+    password = 'Use pub_key to login' unless pub_key.nil?
+
+    ssh_dir = File.join('/home/', login_name, '.ssh')
+    config_authorized_key(login_name, pub_key, ssh_dir) unless pub_key.nil?
+    config_default_yaml(login_name)
+    my_jumper_pubkey = generate_ssh_key(login_name, ssh_dir) if @data['gen_sshkey'].eql? true
jumper_account_info = {
       'my_login_name' => login_name,
       'my_password' => password,
-      'jumper_host' => jumper_info[0].chomp,
-      'jumper_port' => jumper_info[1].chomp
+      'jumper_host' => jumper_host,
+      'jumper_port' => jumper_port,
+      'my_jumper_pubkey' => my_jumper_pubkey
     }
-    config_authorized_key(login_name, pub_key) unless pub_key.nil?
-    config_default_yaml(login_name)
-
     return jumper_account_info
   end
+  def generate_ssh_key(login_name, ssh_dir)
+    Dir.mkdir ssh_dir, 0o700 unless File.exist? ssh_dir
+    %x(ssh-keygen -f "#{ssh_dir}/id_rsa" -N '' -C "#{login_name}@account-vm")
+    %x(chown -R #{login_name}:#{login_name} #{ssh_dir})
+    File.read("/home/#{login_name}/.ssh/id_rsa.pub")
+  end
+
   def config_default_yaml(login_name)
     default_yaml_dir = File.join('/home', login_name, '.config/compass-ci/defaults')
     FileUtils.mkdir_p default_yaml_dir
@@ -132,8 +138,7 @@ class AccountStorage
     %x(chown -R #{login_name}:#{login_name} "/home/#{login_name}/.config")
   end
-  def config_authorized_key(login_name, pub_key)
-    ssh_dir = File.join('/home/', login_name, '.ssh')
+  def config_authorized_key(login_name, pub_key, ssh_dir)
     Dir.mkdir ssh_dir, 0o700
     Dir.chdir ssh_dir
     f = File.new('authorized_keys', 'w')
-- 
2.23.0

    