Launchpad code imports

Merge ~cjwatson/lp-codeimport:charm-puller-ssh into lp-codeimport:master

  1. Git
  2. lp:~cjwatson/lp-codeimport
  3. charm-puller-ssh
  4. Merge into master
Proposed by Colin Watson
Status: Merged
Approved by: Colin Watson
Approved revision: 382688f69d7d6611d6003c5fc38e8943da7fd83f
Merge reported by: Otto Co-Pilot
Merged at revision: not available
Proposed branch: ~cjwatson/lp-codeimport:charm-puller-ssh
Merge into: lp-codeimport:master
Diff against target: 40 lines (+15/-0)
3 files modified
charm/lp-codeimport-storage/config.yaml (+8/-0)
charm/lp-codeimport-storage/reactive/lp-codeimport-storage.py (+4/-0)
charm/lp-codeimport-storage/templates/authorized_keys.j2 (+3/-0)
Reviewer Review Type Date Requested Status
Jürgen Gmach Approve
Review via email: mp+440243@code.launchpad.net

Commit message

charm: Allow SSH access from codehosting puller

Description of the change

The Bazaar codehosting puller script (https://git.launchpad.net/launchpad/tree/cronscripts/supermirror-pull.py) needs SSH access to the code import storage unit so that it can pull the output of Bazaar code imports. Allow configuring an SSH key for this.

To post a comment you must log in.
Revision history for this message
Jürgen Gmach (jugmac00) :
review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/charm/lp-codeimport-storage/config.yaml b/charm/lp-codeimport-storage/config.yaml
2index 4f9deac..3ff84ed 100644
3--- a/charm/lp-codeimport-storage/config.yaml
4+++ b/charm/lp-codeimport-storage/config.yaml
5@@ -3,3 +3,11 @@ options:
6 type: string
7 default: ""
8 description: Base64-encoded public SSH key of the code import workers.
9+ puller_ip_address:
10+ type: string
11+ default: ""
12+ description: IP address of the codehosting puller.
13+ puller_public_ssh_key:
14+ type: string
15+ default: ""
16+ description: Base64-encoded public SSH key of the codehosting puller.
17diff --git a/charm/lp-codeimport-storage/reactive/lp-codeimport-storage.py b/charm/lp-codeimport-storage/reactive/lp-codeimport-storage.py
18index 99ceb26..13e48d8 100644
19--- a/charm/lp-codeimport-storage/reactive/lp-codeimport-storage.py
20+++ b/charm/lp-codeimport-storage/reactive/lp-codeimport-storage.py
21@@ -56,6 +56,10 @@ def configure():
22 config["public_ssh_key"] = base64.b64decode(
23 config["public_ssh_key"].encode("ASCII")
24 ).decode("ASCII")
25+ if config["puller_public_ssh_key"]:
26+ config["puller_public_ssh_key"] = base64.b64decode(
27+ config["puller_public_ssh_key"].encode("ASCII")
28+ ).decode("ASCII")
29 templating.render(
30 "authorized_keys.j2",
31 os.path.join(ssh_dir, "authorized_keys"),
32diff --git a/charm/lp-codeimport-storage/templates/authorized_keys.j2 b/charm/lp-codeimport-storage/templates/authorized_keys.j2
33index 77d398e..7ecdd63 100644
34--- a/charm/lp-codeimport-storage/templates/authorized_keys.j2
35+++ b/charm/lp-codeimport-storage/templates/authorized_keys.j2
36@@ -1,2 +1,5 @@
37 restrict,from="{{ codeimport_subnets|join(",") }}" {{ public_ssh_key }}
38+{%- if puller_ip_address and puller_public_ssh_key %}
39+restrict,from="{{ puller_ip_address }}" {{ puller_public_ssh_key }}
40+{%- endif %}
41

Subscribers

People subscribed via source and target branches