ssh-import-id

Merge ~brodock/ssh-import-id:add-gitlab-support into ssh-import-id:master

  1. Git
  2. lp:~brodock/ssh-import-id
  3. add-gitlab-support
  4. Merge into master
Proposed by Gabriel Mazetto
Status: Needs review
Proposed branch: ~brodock/ssh-import-id:add-gitlab-support
Merge into: ssh-import-id:master
Diff against target: 110 lines (+55/-1)
4 files modified
debian/links (+1/-0)
ssh_import_id/__init__.py (+27/-0)
usr/bin/ssh-import-id-gl (+23/-0)
usr/share/man/man1/ssh-import-id.1 (+4/-1)
Reviewer Review Type Date Requested Status
ssh-import-id Pending
Review via email: mp+415751@code.launchpad.net

Commit message

add support for gl:username (GitLab)

Description of the change

add "gl" protocol to retrieve keys from GitLab.com REST API

To post a comment you must log in.
Revision history for this message
Dustin Kirkland  (kirkland) wrote :

Thanks for this. I've incorporated and tested a modified version of this, and proposed it for merging to the upstream maintainers. Cheers, Dustin

Reply
Revision history for this message
Scott Moser (smoser) wrote :

Dustin's PR is at https://code.launchpad.net/~kirkland/ssh-import-id/+git/ssh-import-id/+merge/445392

Reply

Unmerged commits

89f087f... by Gabriel Mazetto

add support for gl:username (GitLab)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/links b/debian/links
2index 1ad132a..a76f9d9 100644
3--- a/debian/links
4+++ b/debian/links
5@@ -1,2 +1,3 @@
6 usr/share/man/man1/ssh-import-id.1 usr/share/man/man1/ssh-import-id-lp.1
7 usr/share/man/man1/ssh-import-id.1 usr/share/man/man1/ssh-import-id-gh.1
8+usr/share/man/man1/ssh-import-id.1 usr/share/man/man1/ssh-import-id-gl.1
9\ No newline at end of file
10diff --git a/ssh_import_id/__init__.py b/ssh_import_id/__init__.py
11index 034adda..d5b0ffc 100644
12--- a/ssh_import_id/__init__.py
13+++ b/ssh_import_id/__init__.py
14@@ -224,6 +224,8 @@ def fetch_keys(proto, username, useragent):
15 return fetch_keys_lp(username, useragent)
16 if proto == "gh":
17 return fetch_keys_gh(username, useragent)
18+ if proto == "gl":
19+ return fetch_keys_gl(username, useragent)
20
21 die("ssh-import-id protocol handler %s: not found or cannot execute" %
22 (proto))
23@@ -355,6 +357,31 @@ def fetch_keys_gh(ghid, useragent):
24 die(str(e))
25 return keys
26
27+def fetch_keys_gl(glid, useragent):
28+ ratelimit_remaining = 'ratelimit-remaining'
29+ help_url = 'https://docs.gitlab.com/ee/user/gitlab_com/index.html#gitlabcom-specific-rate-limits'
30+ keys = ""
31+ try:
32+ url = "https://gitlab.com/api/v4/users/%s/keys" % (quote_plus(glid))
33+ headers = {'User-Agent': user_agent(useragent)}
34+ try:
35+ with urlopen(Request(url, headers=headers),
36+ timeout=DEFAULT_TIMEOUT) as resp:
37+ data = json.load(resp)
38+ except urllib.error.HTTPError as e:
39+ msg = 'Requesting GitLab keys failed.'
40+ if e.code == 404:
41+ msg = 'Username "%s" not found at GitLab API.' % glid
42+ elif e.hdrs.get(ratelimit_remaining) == "0":
43+ msg = ('GitLab REST API rate-limited this IP address. See %s .'
44+ % help_url)
45+ die(msg + " status_code=%d user=%s" % (e.code, glid))
46+ for gl_keys in data:
47+ keys += "%s %s@gitlab/%s %s\n" % (gl_keys['key'], glid, gl_keys['id'], gl_keys['title'])
48+ # pylint: disable=broad-except
49+ except Exception as e:
50+ die(str(e))
51+ return keys
52
53 def main():
54 errors = []
55diff --git a/usr/bin/ssh-import-id-gl b/usr/bin/ssh-import-id-gl
56new file mode 100755
57index 0000000..bbca300
58--- /dev/null
59+++ b/usr/bin/ssh-import-id-gl
60@@ -0,0 +1,23 @@
61+#!/bin/sh
62+#
63+# ssh-import-id - Authorize SSH public keys from trusted online identities.
64+#
65+# Copyright (c) 2016 Dustin Kirkland <dustin.kirkland@gmail.com>
66+#
67+# ssh-import-id is free software: you can redistribute it and/or modify
68+# it under the terms of the GNU General Public License as published by
69+# the Free Software Foundation, version 3.
70+#
71+# ssh-import-id is distributed in the hope that it will be useful,
72+# but WITHOUT ANY WARRANTY; without even the implied warranty of
73+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
74+# GNU General Public License for more details.
75+#
76+# You should have received a copy of the GNU General Public License
77+# along with ssh-import-id. If not, see <http://www.gnu.org/licenses/>.
78+
79+set -e
80+
81+for i in $@; do
82+ ssh-import-id gl:$i
83+done
84diff --git a/usr/share/man/man1/ssh-import-id.1 b/usr/share/man/man1/ssh-import-id.1
85index 6d26fa7..540cbe5 100644
86--- a/usr/share/man/man1/ssh-import-id.1
87+++ b/usr/share/man/man1/ssh-import-id.1
88@@ -9,12 +9,14 @@
89
90 .BI "ssh\-import\-id\-gh USER_ID_1 [USER_ID_2] ... [USER_ID_n]
91
92+.BI "ssh\-import\-id\-gl USER_ID_1 [USER_ID_2] ... [USER_ID_n]
93+
94 .SH OPTIONS
95 \-h | \-\-help usage
96 \-o | \-\-output F write output to file 'F' (default ~/.ssh/authorized_keys, use "\-" for standard out)
97 \-r | \-\-remove remove keys from authorized keys file 'F'
98 \-u | \-\-useragent U append U to the user agent string
99- PROTO:USER_ID Protocol can be 'lp' for Launchpad.net, or 'gh' for Github.com
100+ PROTO:USER_ID Protocol can be 'lp' for Launchpad.net, 'gh' for Github.com, or 'gl' for GitLab.com
101
102 .SH DESCRIPTION
103 This utility will securely contact a public keyserver and retrieve one or more user's public keys, and append these to the current user's \fI~/.ssh/authorized_keys\fP file, standard output or any other specified output file.
104@@ -23,6 +25,7 @@ User IDs can be prepended by a protocol:
105
106 - \fBlp:\fP to use \fIhttps://launchpad.net/~%s/+sshkeys\fP
107 - \fBgh:\fP to use \fIhttps://api.github.com/users/%s/keys\fP
108+ - \fBgl:\fP to use \fIhttps://gitlab.com/users/%s/keys\fP
109
110 If the protocol is not explicitly specified, then \fBssh-import-id\fP will read a URL variable string from \fI/etc/ssh/ssh_import_id\fP as installed by your package manager and configured by your system administrator. You can override this locally by exporting the string you want in a URL environment variable. If all of these are empty, then the protocol is assumed to be "lp:", which was the original target implementation of this tool.
111

Subscribers

People subscribed via source and target branches

to all changes: