kas-container: add '--ssh-agent' option

The option mounts the SSH_AUTH_SOCK ssh agent socket, and sets the
environment variable in the container.

Signed-off-by: Anders Montonen <Anders.Montonen@iki.fi>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This commit is contained in:
Anders Montonen 2022-03-25 10:40:18 +01:00 committed by Jan Kiszka
parent e9bdbe8cfa
commit 7909ee2b18

View File

@ -61,6 +61,7 @@ usage()
printf "%b" "--ssh-dir\t\tDirectory containing SSH configurations.\n"
printf "%b" "\t\t\tAvoid \$HOME/.ssh unless you fully trust the " \
"container.\n"
printf "%b" "--ssh-agent\t\tForward ssh-agent socket to the container.\n"
printf "%b" "--aws-dir\t\tDirectory containing AWScli configuration.\n"
printf "%b" "--git-credential-store\tFile path to the git credential " \
"store\n"
@ -210,6 +211,10 @@ while [ $# -gt 0 ]; do
KAS_SSH_DIR="$2"
shift 2
;;
--ssh-agent)
KAS_SSH_AUTH_SOCK=$(readlink -f "$SSH_AUTH_SOCK")
shift 1
;;
--aws-dir)
[ $# -gt 2 ] || usage
KAS_AWS_DIR="$2"
@ -384,6 +389,15 @@ if [ -n "${KAS_SSH_DIR}" ] ; then
set -- "$@" -v "$(readlink -f "${KAS_SSH_DIR}")":/etc/skel/.ssh:ro
fi
if [ -n "${KAS_SSH_AUTH_SOCK}" ]; then
if [ ! -S "${KAS_SSH_AUTH_SOCK}" ]; then
echo "Passed SSH_AUTH_SOCK '${KAS_SSH_AUTH_SOCK}' is not a socket"
exit 1
fi
set -- "$@" -v "${KAS_SSH_AUTH_SOCK}":/ssh-agent/ssh-auth-sock \
-e SSH_AUTH_SOCK=/ssh-agent/ssh-auth-sock
fi
if [ -n "${KAS_AWS_DIR}" ] ; then
if [ ! -d "${KAS_AWS_DIR}" ]; then
echo "Passed KAS_AWS_DIR '${KAS_AWS_DIR}' is not a directory"