diff --git a/docs/command-line.rst b/docs/command-line.rst index 91e4d6f..86f6b7b 100644 --- a/docs/command-line.rst +++ b/docs/command-line.rst @@ -10,67 +10,79 @@ Command line usage Environment variables --------------------- -+-----------------------+-----------------------------------------------------+ -| Environment variables | Description | -+=======================+=====================================================+ -| ``KAS_WORK_DIR`` | The path of the kas work directory, current work | -| | directory is the default. | -+-----------------------+-----------------------------------------------------+ -| ``KAS_BUILD_DIR`` | The path build directory, ``${KAS_WORK_DIR}/build`` | -| | is the default. | -+-----------------------+-----------------------------------------------------+ -| ``KAS_REPO_REF_DIR`` | The path to the repository reference directory. | -| | Repositories in this directory are used as | -| | references when cloning. In order for kas to find | -| | those repositories, they have to be named in a | -| | specific way. The repo URLs are translated like | -| | this: "https://github.com/siemens/meta-iot2000.git" | -| | resolves to the name | -| | "github.com.siemens.meta-iot2000.git". | -+-----------------------+-----------------------------------------------------+ -| ``KAS_DISTRO`` | This overwrites the respective setting in the | -| ``KAS_MACHINE`` | configuration file. | -| ``KAS_TARGET`` | | -| ``KAS_TASK`` | | -+-----------------------+-----------------------------------------------------+ -| ``KAS_PREMIRRORS`` | Specifies alternatives for repo URLs. Just like | -| | bitbake ``PREMIRRORS``, this variable consists of | -| | new-line separated entries. Each entry defines a | -| | regular expression to match a URL and, space- | -| | separated, its replacement. E.g.: | -| | "https://.*\.somehost\.io/ https://localmirror.net/"| -+-----------------------+-----------------------------------------------------+ -| ``SSH_PRIVATE_KEY`` | Path to the private key file that should be added | -| | to an internal ssh-agent. This key cannot be | -| | password protected. This setting is useful for CI | -| | build servers. On desktop machines, an ssh-agent | -| | running outside the kas environment is more useful. | -+-----------------------+-----------------------------------------------------+ -| ``SSH_AUTH_SOCK`` | SSH authentication socket. Used for cloning over | -| | SSH (alternative to ``SSH_PRIVATE_KEY``). | -+-----------------------+-----------------------------------------------------+ -| ``DL_DIR`` | Environment variables that are transferred to the | -| ``SSTATE_DIR`` | bitbake environment. | -| ``TMPDIR`` | | -+-----------------------+-----------------------------------------------------+ -| ``http_proxy`` | This overwrites the proxy configuration in the | -| ``https_proxy`` | configuration file. | -| ``ftp_proxy`` | | -| ``no_proxy`` | | -+-----------------------+-----------------------------------------------------+ -| ``GIT_PROXY_COMMAND`` | Set proxy for native git fetches. ``NO_PROXY`` is | -| ``NO_PROXY`` | evaluated by OpenEmbedded's oe-git-proxy script. | -+-----------------------+-----------------------------------------------------+ -| ``SHELL`` | The shell to start when using the `shell` plugin. | -+-----------------------+-----------------------------------------------------+ -| ``TERM`` | The terminal options used in the `shell` plugin. | -+-----------------------+-----------------------------------------------------+ -| ``AWS_CONFIG_FILE`` | Path to the awscli configuration and credentials | -| |aws_cred| | file that are copied to the kas home dir. | -+-----------------------+-----------------------------------------------------+ -| |git_cred| | Allows to set the git credential helper in the | -| | `.gitconfig` of the kas user. | -+-----------------------+-----------------------------------------------------+ ++--------------------------+--------------------------------------------------+ +| Environment variables | Description | ++==========================+==================================================+ +| ``KAS_WORK_DIR`` | The path of the kas work directory, current work | +| | directory is the default. | ++--------------------------+--------------------------------------------------+ +| ``KAS_BUILD_DIR`` | The path build directory, | +| | ``${KAS_WORK_DIR}/build`` is the default. | ++--------------------------+--------------------------------------------------+ +| ``KAS_REPO_REF_DIR`` | The path to the repository reference directory. | +| | Repositories in this directory are used as | +| | references when cloning. In order for kas to | +| | find those repositories, they have to be named | +| | in a specific way. The repo URLs are translated | +| | like this: | +| | "https://github.com/siemens/meta-iot2000.git" | +| | resolves to the name | +| | "github.com.siemens.meta-iot2000.git". | ++--------------------------+--------------------------------------------------+ +| ``KAS_DISTRO`` | This overwrites the respective setting in the | +| ``KAS_MACHINE`` | configuration file. | +| ``KAS_TARGET`` | | +| ``KAS_TASK`` | | ++--------------------------+--------------------------------------------------+ +| ``KAS_PREMIRRORS`` | Specifies alternatives for repo URLs. Just like | +| | bitbake ``PREMIRRORS``, this variable consists | +| | of new-line separated entries. Each entry | +| | defines a regular expression to match a URL and, | +| | space-separated, its replacement. E.g.: | +| | "http://.*\.someurl\.io/ http://localmirror.net/"| ++--------------------------+--------------------------------------------------+ +| ``SSH_PRIVATE_KEY`` | Variable containing the private key that should | +| | be added to an internal ssh-agent. This key | +| | cannot be password protected. This setting is | +| | useful for CI build servers. On desktop | +| | machines, an ssh-agent running outside the kas | +| | environment is more useful. | ++--------------------------+--------------------------------------------------+ +| ``SSH_PRIVATE_KEY_FILE`` | Path to the private key file that should be | +| | added to an internal ssh-agent. This key cannot | +| | be password protected. This setting is useful | +| | for CI build servers. On desktop machines, an | +| | ssh-agent running outside the kas environment is | +| | more useful. | ++--------------------------+--------------------------------------------------+ +| ``SSH_AUTH_SOCK`` | SSH authentication socket. Used for cloning over | +| | SSH (alternative to ``SSH_PRIVATE_KEY`` or | +| | ``SSH_PRIVATE_KEY_FILE``). | ++--------------------------+--------------------------------------------------+ +| ``DL_DIR`` | Environment variables that are transferred to | +| ``SSTATE_DIR`` | the bitbake environment. | +| ``TMPDIR`` | | ++--------------------------+--------------------------------------------------+ +| ``http_proxy`` | This overwrites the proxy configuration in the | +| ``https_proxy`` | configuration file. | +| ``ftp_proxy`` | | +| ``no_proxy`` | | ++--------------------------+--------------------------------------------------+ +| ``GIT_PROXY_COMMAND`` | Set proxy for native git fetches. ``NO_PROXY`` | +| ``NO_PROXY`` | is evaluated by OpenEmbedded's oe-git-proxy | +| | script. | ++--------------------------+--------------------------------------------------+ +| ``SHELL`` | The shell to start when using the `shell` | +| | plugin. | ++--------------------------+--------------------------------------------------+ +| ``TERM`` | The terminal options used in the `shell` plugin. | ++--------------------------+--------------------------------------------------+ +| ``AWS_CONFIG_FILE`` | Path to the awscli configuration and credentials | +| |aws_cred| | file that are copied to the kas home dir. | ++--------------------------+--------------------------------------------------+ +| |git_cred| | Allows to set the git credential helper in the | +| | `.gitconfig` of the kas user. | ++--------------------------+--------------------------------------------------+ .. |aws_cred| replace:: ``AWS_SHARED_CREDENTIALS_FILE`` .. |git_cred| replace:: ``GIT_CREDENTIAL_HELPER`` diff --git a/kas/libcmds.py b/kas/libcmds.py index 9f43955..1801630 100644 --- a/kas/libcmds.py +++ b/kas/libcmds.py @@ -50,7 +50,8 @@ class Macro: SetupDir(), ] - if 'SSH_PRIVATE_KEY' in os.environ: + if ('SSH_PRIVATE_KEY' in os.environ + or 'SSH_PRIVATE_KEY_FILE' in os.environ): self.setup_commands.append(SetupSSHAgent()) self.setup_commands += [ @@ -65,7 +66,9 @@ class Macro: else: self.setup_commands = [] - if use_common_cleanup and 'SSH_PRIVATE_KEY' in os.environ: + if (use_common_cleanup + and ('SSH_PRIVATE_KEY' in os.environ + or 'SSH_PRIVATE_KEY_FILE' in os.environ)): self.cleanup_commands = [ CleanupSSHAgent(), ] diff --git a/kas/libkas.py b/kas/libkas.py index 939589f..215f80a 100644 --- a/kas/libkas.py +++ b/kas/libkas.py @@ -268,6 +268,15 @@ def get_build_environ(build_system): return env +def ssh_add_key_file(env, key_path): + """ + Adds an ssh key file to the ssh-agent + """ + with open(key_path) as f: + key = f.read() + ssh_add_key(env, key) + + def ssh_add_key(env, key): """ Adds an ssh key to the ssh-agent @@ -307,20 +316,32 @@ def ssh_setup_agent(envkeys=None): Starts the ssh-agent """ env = get_context().environ - envkeys = envkeys or ['SSH_PRIVATE_KEY'] + envkeys = envkeys or ['SSH_PRIVATE_KEY', 'SSH_PRIVATE_KEY_FILE'] output = os.popen('ssh-agent -s').readlines() for line in output: matches = re.search(r"(\S+)\=(\S+)\;", line) if matches: env[matches.group(1)] = matches.group(2) + found = False for envkey in envkeys: - key = os.environ.get(envkey) - if key: - logging.info("adding SSH key") - ssh_add_key(env, key) + if envkey == 'SSH_PRIVATE_KEY_FILE': + key_path = os.environ.get(envkey) + if key_path: + found = True + logging.info("adding SSH key") + ssh_add_key_file(env, key_path) else: - logging.warning('%s is missing', envkey) + key = os.environ.get(envkey) + if key: + found = True + logging.info("adding SSH key") + ssh_add_key(env, key) + + if found is not True: + warning = "None of the following environment keys were set: " + \ + ", ".join(envkeys) + logging.warning(warning) def ssh_no_host_key_check():