Merge ~kirkland/ssh-import-id:master into ssh-import-id:master
- Git
- lp:~kirkland/ssh-import-id
- master
- Merge into master
Proposed by
Dustin Kirkland
Status: | Needs review |
---|---|
Proposed branch: | ~kirkland/ssh-import-id:master |
Merge into: | ssh-import-id:master |
Diff against target: |
246 lines (+71/-21) 11 files modified
README.md (+3/-2) debian/changelog (+9/-0) debian/control (+3/-3) debian/copyright (+1/-1) debian/links (+1/-0) debian/rules (+3/-7) dev/null (+0/-5) setup.py (+2/-1) ssh_import_id/__init__.py (+21/-1) usr/bin/ssh-import-id-gl (+24/-0) usr/share/man/man1/ssh-import-id.1 (+4/-1) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Robie Basak | Pending | ||
Review via email:
|
Commit message
Added support for Gitlab
Description of the change
Added support for Gitlab
To post a comment you must log in.
Unmerged commits
- 17a4c7d... by Dustin Kirkland
-
added Gitlab support
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | diff --git a/README.md b/README.md | |||
2 | index e839b64..5bea7d5 100644 | |||
3 | --- a/README.md | |||
4 | +++ b/README.md | |||
5 | @@ -8,7 +8,7 @@ Oh. You have to ask them to cat their public SSH key, paste it into IRC (wait, n | |||
6 | 8 | 8 | ||
7 | 9 | That's where ssh-import-id comes in. With ssh-import-id, you can add the public SSH keys from a known, trusted online identity to grant SSH access. | 9 | That's where ssh-import-id comes in. With ssh-import-id, you can add the public SSH keys from a known, trusted online identity to grant SSH access. |
8 | 10 | 10 | ||
10 | 11 | Currently supported identities include Github and Launchpad. | 11 | Currently supported identities include Github, Gitlab, and Launchpad. |
11 | 12 | 12 | ||
12 | 13 | Usage | 13 | Usage |
13 | 14 | ----- | 14 | ----- |
14 | @@ -16,6 +16,7 @@ Usage | |||
15 | 16 | ssh-import-id uses short prefix to indicate the location of the online identity. For now, these are: | 16 | ssh-import-id uses short prefix to indicate the location of the online identity. For now, these are: |
16 | 17 | 17 | ||
17 | 18 | 'gh:' for Github | 18 | 'gh:' for Github |
18 | 19 | 'gl:' for Gitlab | ||
19 | 19 | 'lp:' for Launchpad | 20 | 'lp:' for Launchpad |
20 | 20 | 21 | ||
21 | 21 | Command line help: | 22 | Command line help: |
22 | @@ -41,7 +42,7 @@ If you wanted me to be able to ssh into your server, as the desired user on that | |||
23 | 41 | 42 | ||
24 | 42 | You can also import multiple users on the same line, even from different key services, like so: | 43 | You can also import multiple users on the same line, even from different key services, like so: |
25 | 43 | 44 | ||
27 | 44 | $ ssh-import-id gh:cmars lp:kirkland | 45 | $ ssh-import-id gh:cmars lp:kirkland gl:speeves |
28 | 45 | 46 | ||
29 | 46 | Used with care, it's a great collaboration tool! | 47 | Used with care, it's a great collaboration tool! |
30 | 47 | 48 | ||
31 | diff --git a/debian/changelog b/debian/changelog | |||
32 | index 32ed111..13e6200 100644 | |||
33 | --- a/debian/changelog | |||
34 | +++ b/debian/changelog | |||
35 | @@ -1,3 +1,12 @@ | |||
36 | 1 | ssh-import-id (5.12) unreleased; urgency=medium | ||
37 | 2 | |||
38 | 3 | [ Dustin Kirkland, Shannon Eric Peevey, Gabriel Mazetto ] | ||
39 | 4 | * debian/control, debian/copyright, debian/links, README.md, setup.py, | ||
40 | 5 | ssh_import_id/__init__.py, usr/share/man/man1/ssh-import-id.1: | ||
41 | 6 | - adding support for Gitlab.com | ||
42 | 7 | |||
43 | 8 | -- Dustin Kirkland <kirkland@ubuntu.com> Mon, 26 Jun 2023 19:50:29 -0500 | ||
44 | 9 | |||
45 | 1 | ssh-import-id (5.11-0ubuntu1) hirsute; urgency=medium | 10 | ssh-import-id (5.11-0ubuntu1) hirsute; urgency=medium |
46 | 2 | 11 | ||
47 | 3 | * Upstream Release 5.11 | 12 | * Upstream Release 5.11 |
48 | diff --git a/debian/changelog.trunk b/debian/changelog.trunk | |||
49 | 4 | deleted file mode 100644 | 13 | deleted file mode 100644 |
50 | index 39d90e2..0000000 | |||
51 | --- a/debian/changelog.trunk | |||
52 | +++ /dev/null | |||
53 | @@ -1,5 +0,0 @@ | |||
54 | 1 | ssh-import-id (UPSTREAM_VER-0~upstream0) UNRELEASED; urgency=medium | ||
55 | 2 | |||
56 | 3 | * UNRELEASED | ||
57 | 4 | |||
58 | 5 | -- Dustin Kirkland <kirkland@ubuntu.com> Tue, 11 Jul 2017 15:51:44 -0500 | ||
59 | diff --git a/debian/control b/debian/control | |||
60 | index 99c5b75..e24998e 100644 | |||
61 | --- a/debian/control | |||
62 | +++ b/debian/control | |||
63 | @@ -24,6 +24,6 @@ Depends: ca-certificates, | |||
64 | 24 | Recommends: openssh-server | 24 | Recommends: openssh-server |
65 | 25 | Description: securely retrieve an SSH public key and install it locally | 25 | Description: securely retrieve an SSH public key and install it locally |
66 | 26 | This utility will securely contact a public keyserver (Launchpad.net by | 26 | This utility will securely contact a public keyserver (Launchpad.net by |
70 | 27 | default, but Github.com is also supported), retrieve one or more user's | 27 | default, but Github.com and Gitlab.com are also supported), retrieve one |
71 | 28 | public keys, and append these to the current user's ~/.ssh/authorized_keys | 28 | or more user's public keys, and append these to the current user's |
72 | 29 | file. | 29 | ~/.ssh/authorized_keys file. |
73 | diff --git a/debian/copyright b/debian/copyright | |||
74 | index bb8e48a..ffedd84 100644 | |||
75 | --- a/debian/copyright | |||
76 | +++ b/debian/copyright | |||
77 | @@ -6,7 +6,7 @@ Upstream-Contact: Dustin Kirkland <kirkland@ubuntu.com> | |||
78 | 6 | Files: * | 6 | Files: * |
79 | 7 | Copyright: 2010, Canonical Ltd. | 7 | Copyright: 2010, Canonical Ltd. |
80 | 8 | 2013, Casey Marshall <casey.marshall@gmail.com> | 8 | 2013, Casey Marshall <casey.marshall@gmail.com> |
82 | 9 | 2013, Dustin Kirkland <dustin.kirkland@gmail.com> | 9 | 2013-2023, Dustin Kirkland <dustin.kirkland@gmail.com> |
83 | 10 | License: GPL-3 | 10 | License: GPL-3 |
84 | 11 | This program is free software: you can redistribute it and/or modify | 11 | This program is free software: you can redistribute it and/or modify |
85 | 12 | it under the terms of the GNU General Public License as published by | 12 | it under the terms of the GNU General Public License as published by |
86 | diff --git a/debian/links b/debian/links | |||
87 | index 1ad132a..39d8ac8 100644 | |||
88 | --- a/debian/links | |||
89 | +++ b/debian/links | |||
90 | @@ -1,2 +1,3 @@ | |||
91 | 1 | usr/share/man/man1/ssh-import-id.1 usr/share/man/man1/ssh-import-id-lp.1 | 1 | usr/share/man/man1/ssh-import-id.1 usr/share/man/man1/ssh-import-id-lp.1 |
92 | 2 | usr/share/man/man1/ssh-import-id.1 usr/share/man/man1/ssh-import-id-gh.1 | 2 | usr/share/man/man1/ssh-import-id.1 usr/share/man/man1/ssh-import-id-gh.1 |
93 | 3 | usr/share/man/man1/ssh-import-id.1 usr/share/man/man1/ssh-import-id-gl.1 | ||
94 | diff --git a/debian/rules b/debian/rules | |||
95 | index 75bb1da..f66f72d 100755 | |||
96 | --- a/debian/rules | |||
97 | +++ b/debian/rules | |||
98 | @@ -3,13 +3,9 @@ | |||
99 | 3 | # Uncomment this to turn on verbose mode. | 3 | # Uncomment this to turn on verbose mode. |
100 | 4 | #export DH_VERBOSE=1 | 4 | #export DH_VERBOSE=1 |
101 | 5 | 5 | ||
102 | 6 | DEB_VERSION := $(shell dpkg-parsechangelog --show-field=Version) | ||
103 | 7 | |||
104 | 8 | %: | 6 | %: |
105 | 9 | dh $@ --with python3 --buildsystem=pybuild | 7 | dh $@ --with python3 --buildsystem=pybuild |
106 | 10 | 8 | ||
112 | 11 | override_dh_auto_install: | 9 | override_dh_clean: |
113 | 12 | dh_auto_install | 10 | rm -rf *.egg-info/ |
114 | 13 | # upstream provides a way to patch in the distro | 11 | dh_clean |
110 | 14 | # version by replacing @@PACKAGED_VERSION@@ in version.py | ||
111 | 15 | for f in $$(find $(CURDIR)/debian/ -type f -name version.py); do [ -f "$$f" ] || continue; sed -i 's,@@PACKAGED_VERSION@@,$(DEB_VERSION),' "$$f"; done | ||
115 | diff --git a/setup.py b/setup.py | |||
116 | index f00afa6..45b5629 100755 | |||
117 | --- a/setup.py | |||
118 | +++ b/setup.py | |||
119 | @@ -2,6 +2,7 @@ | |||
120 | 2 | # | 2 | # |
121 | 3 | # ssh-import-id - Authorize SSH public keys from trusted online identities. | 3 | # ssh-import-id - Authorize SSH public keys from trusted online identities. |
122 | 4 | # Copyright (c) 2013 Casey Marshall <casey.marshall@gmail.com> | 4 | # Copyright (c) 2013 Casey Marshall <casey.marshall@gmail.com> |
123 | 5 | # Copyright (c) 2023 Dustin Kirkland <dustin.kirkland@gmail.com> | ||
124 | 5 | # | 6 | # |
125 | 6 | # ssh-import-id is free software: you can redistribute it and/or modify | 7 | # ssh-import-id is free software: you can redistribute it and/or modify |
126 | 7 | # it under the terms of the GNU General Public License as published by | 8 | # it under the terms of the GNU General Public License as published by |
127 | @@ -50,7 +51,7 @@ setup( | |||
128 | 50 | url='https://launchpad.net/ssh-import-id', | 51 | url='https://launchpad.net/ssh-import-id', |
129 | 51 | platforms=['any'], | 52 | platforms=['any'], |
130 | 52 | packages=['ssh_import_id'], | 53 | packages=['ssh_import_id'], |
132 | 53 | scripts=['usr/bin/ssh-import-id-gh', 'usr/bin/ssh-import-id-lp'], | 54 | scripts=['usr/bin/ssh-import-id-gh', 'usr/bin/ssh-import-id-lp', 'usr/bin/ssh-import-id-gl'], |
133 | 54 | install_requires=["distro"], | 55 | install_requires=["distro"], |
134 | 55 | entry_points={ | 56 | entry_points={ |
135 | 56 | 'console_scripts': [ | 57 | 'console_scripts': [ |
136 | diff --git a/ssh_import_id/__init__.py b/ssh_import_id/__init__.py | |||
137 | index 034adda..b8a05a9 100644 | |||
138 | --- a/ssh_import_id/__init__.py | |||
139 | +++ b/ssh_import_id/__init__.py | |||
140 | @@ -3,7 +3,7 @@ | |||
141 | 3 | # ssh-import-id - Authorize SSH public keys from trusted online identities | 3 | # ssh-import-id - Authorize SSH public keys from trusted online identities |
142 | 4 | # | 4 | # |
143 | 5 | # Copyright (c) 2013 Casey Marshall <casey.marshall@gmail.com> | 5 | # Copyright (c) 2013 Casey Marshall <casey.marshall@gmail.com> |
145 | 6 | # Copyright (c) 2013 Dustin Kirkland <dustin.kirkland@gmail.com> | 6 | # Copyright (c) 2013-2023 Dustin Kirkland <dustin.kirkland@gmail.com> |
146 | 7 | # | 7 | # |
147 | 8 | # ssh-import-id is free software: you can redistribute it and/or modify | 8 | # ssh-import-id is free software: you can redistribute it and/or modify |
148 | 9 | # it under the terms of the GNU General Public License as published by | 9 | # it under the terms of the GNU General Public License as published by |
149 | @@ -26,6 +26,7 @@ except ImportError: | |||
150 | 26 | JSONDecodeError = ValueError | 26 | JSONDecodeError = ValueError |
151 | 27 | import logging | 27 | import logging |
152 | 28 | import os | 28 | import os |
153 | 29 | import requests | ||
154 | 29 | import subprocess | 30 | import subprocess |
155 | 30 | import sys | 31 | import sys |
156 | 31 | import tempfile | 32 | import tempfile |
157 | @@ -224,6 +225,8 @@ def fetch_keys(proto, username, useragent): | |||
158 | 224 | return fetch_keys_lp(username, useragent) | 225 | return fetch_keys_lp(username, useragent) |
159 | 225 | if proto == "gh": | 226 | if proto == "gh": |
160 | 226 | return fetch_keys_gh(username, useragent) | 227 | return fetch_keys_gh(username, useragent) |
161 | 228 | if proto == "gl": | ||
162 | 229 | return fetch_keys_gl(username, useragent) | ||
163 | 227 | 230 | ||
164 | 228 | die("ssh-import-id protocol handler %s: not found or cannot execute" % | 231 | die("ssh-import-id protocol handler %s: not found or cannot execute" % |
165 | 229 | (proto)) | 232 | (proto)) |
166 | @@ -355,6 +358,23 @@ def fetch_keys_gh(ghid, useragent): | |||
167 | 355 | die(str(e)) | 358 | die(str(e)) |
168 | 356 | return keys | 359 | return keys |
169 | 357 | 360 | ||
170 | 361 | def fetch_keys_gl(glid, useragent): | ||
171 | 362 | try: | ||
172 | 363 | url = os.getenv("URL", None) | ||
173 | 364 | if url is not None: | ||
174 | 365 | url = url % (quote_plus(glid)) | ||
175 | 366 | # Finally, fall back to gitlab.com | ||
176 | 367 | if url is None: | ||
177 | 368 | url = "https://gitlab.com/%s.keys" % (quote_plus(glid)) | ||
178 | 369 | headers = {'User-Agent': user_agent(useragent)} | ||
179 | 370 | text = requests.get(url, verify=True, headers=headers).text | ||
180 | 371 | keys = str(text) | ||
181 | 372 | except (Exception,): | ||
182 | 373 | e = sys.exc_info()[1] | ||
183 | 374 | sys.stderr.write("ERROR: %s\n" % (str(e))) | ||
184 | 375 | os._exit(1) | ||
185 | 376 | return keys | ||
186 | 377 | |||
187 | 358 | 378 | ||
188 | 359 | def main(): | 379 | def main(): |
189 | 360 | errors = [] | 380 | errors = [] |
190 | diff --git a/usr/bin/ssh-import-id-gl b/usr/bin/ssh-import-id-gl | |||
191 | 361 | new file mode 100644 | 381 | new file mode 100644 |
192 | index 0000000..5aa5fa7 | |||
193 | --- /dev/null | |||
194 | +++ b/usr/bin/ssh-import-id-gl | |||
195 | @@ -0,0 +1,24 @@ | |||
196 | 1 | #!/bin/sh | ||
197 | 2 | # | ||
198 | 3 | # ssh-import-id-gl - Authorize SSH public keys from trusted online identities. | ||
199 | 4 | # | ||
200 | 5 | # Copyright (c) 2016-2023 Dustin Kirkland <dustin.kirkland@gmail.com> | ||
201 | 6 | # Copyright (c) 2022 Shannon Eric Peevey <shannonpeevey@gmail.com> | ||
202 | 7 | # | ||
203 | 8 | # ssh-import-id is free software: you can redistribute it and/or modify | ||
204 | 9 | # it under the terms of the GNU General Public License as published by | ||
205 | 10 | # the Free Software Foundation, version 3. | ||
206 | 11 | # | ||
207 | 12 | # ssh-import-id is distributed in the hope that it will be useful, | ||
208 | 13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
209 | 14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
210 | 15 | # GNU General Public License for more details. | ||
211 | 16 | # | ||
212 | 17 | # You should have received a copy of the GNU General Public License | ||
213 | 18 | # along with ssh-import-id. If not, see <http://www.gnu.org/licenses/>. | ||
214 | 19 | |||
215 | 20 | set -e | ||
216 | 21 | |||
217 | 22 | for i in $@; do | ||
218 | 23 | ssh-import-id gl:$i | ||
219 | 24 | done | ||
220 | diff --git a/usr/share/man/man1/ssh-import-id.1 b/usr/share/man/man1/ssh-import-id.1 | |||
221 | index 6d26fa7..fa52bb5 100644 | |||
222 | --- a/usr/share/man/man1/ssh-import-id.1 | |||
223 | +++ b/usr/share/man/man1/ssh-import-id.1 | |||
224 | @@ -9,12 +9,14 @@ | |||
225 | 9 | 9 | ||
226 | 10 | .BI "ssh\-import\-id\-gh USER_ID_1 [USER_ID_2] ... [USER_ID_n] | 10 | .BI "ssh\-import\-id\-gh USER_ID_1 [USER_ID_2] ... [USER_ID_n] |
227 | 11 | 11 | ||
228 | 12 | .BI "ssh\-import\-id\-gl USER_ID_1 [USER_ID_2] ... [USER_ID_n] | ||
229 | 13 | |||
230 | 12 | .SH OPTIONS | 14 | .SH OPTIONS |
231 | 13 | \-h | \-\-help usage | 15 | \-h | \-\-help usage |
232 | 14 | \-o | \-\-output F write output to file 'F' (default ~/.ssh/authorized_keys, use "\-" for standard out) | 16 | \-o | \-\-output F write output to file 'F' (default ~/.ssh/authorized_keys, use "\-" for standard out) |
233 | 15 | \-r | \-\-remove remove keys from authorized keys file 'F' | 17 | \-r | \-\-remove remove keys from authorized keys file 'F' |
234 | 16 | \-u | \-\-useragent U append U to the user agent string | 18 | \-u | \-\-useragent U append U to the user agent string |
236 | 17 | PROTO:USER_ID Protocol can be 'lp' for Launchpad.net, or 'gh' for Github.com | 19 | PROTO:USER_ID Protocol can be 'lp' for Launchpad.net, 'gh' for Github.com, or 'gl' for Gitlab.com |
237 | 18 | 20 | ||
238 | 19 | .SH DESCRIPTION | 21 | .SH DESCRIPTION |
239 | 20 | This utility will securely contact a public keyserver and retrieve one or more user's public keys, and append these to the current user's \fI~/.ssh/authorized_keys\fP file, standard output or any other specified output file. | 22 | This utility will securely contact a public keyserver and retrieve one or more user's public keys, and append these to the current user's \fI~/.ssh/authorized_keys\fP file, standard output or any other specified output file. |
240 | @@ -23,6 +25,7 @@ User IDs can be prepended by a protocol: | |||
241 | 23 | 25 | ||
242 | 24 | - \fBlp:\fP to use \fIhttps://launchpad.net/~%s/+sshkeys\fP | 26 | - \fBlp:\fP to use \fIhttps://launchpad.net/~%s/+sshkeys\fP |
243 | 25 | - \fBgh:\fP to use \fIhttps://api.github.com/users/%s/keys\fP | 27 | - \fBgh:\fP to use \fIhttps://api.github.com/users/%s/keys\fP |
244 | 28 | - \fBgl:\fP to use \fIhttps://gitlab.com/%s.keys\fP | ||
245 | 26 | 29 | ||
246 | 27 | If the protocol is not explicitly specified, then \fBssh-import-id\fP will read a URL variable string from \fI/etc/ssh/ssh_import_id\fP as installed by your package manager and configured by your system administrator. You can override this locally by exporting the string you want in a URL environment variable. If all of these are empty, then the protocol is assumed to be "lp:", which was the original target implementation of this tool. | 30 | If the protocol is not explicitly specified, then \fBssh-import-id\fP will read a URL variable string from \fI/etc/ssh/ssh_import_id\fP as installed by your package manager and configured by your system administrator. You can override this locally by exporting the string you want in a URL environment variable. If all of these are empty, then the protocol is assumed to be "lp:", which was the original target implementation of this tool. |
247 | 28 | 31 |