[JENKINS-36997] CLI implementation of RemoteAgent#18
Merged
jglick merged 20 commits intojenkinsci:masterfrom Feb 10, 2017
Merged
[JENKINS-36997] CLI implementation of RemoteAgent#18jglick merged 20 commits intojenkinsci:masterfrom
jglick merged 20 commits intojenkinsci:masterfrom
Conversation
…stalled on a slave. Not working yet with keys protected by a passphrase.
OpenSSH 7.0 and greater disables use of ssh-dss public key algorithm. To allow tests to run on system with OpenSSH 7.0, explicitly enable ssh-dss by passing `-o HostKeyAlgorithms=+ssh-dss`.
Older OpenSSH implementations does not support the `...=+ssh-dss` syntax to add a key alg (mind the `+`), So use `...=ssh-dss` to make tests working also on pre-7.0 versions of OpenSSH. This is an amendment of commit 66bae3b.
…AgentServer would create.
Switching expectation to what ssh-agent, via ExecRemoteAgent, will create. From the man page:
FILES
$TMPDIR/ssh-XXXXXXXXXX/agent.<ppid>
UNIX-domain sockets used to contain the connection to the authen‐
tication agent. These sockets should only be readable by the
owner. The sockets should get automatically removed when the
agent exits.
…ree to connect to the test server without special options. apache/mina-sshd#29
…emoting calls were not exercised.
jglick
commented
Feb 9, 2017
| tw.writeMPInt(rpk.getModulus()); | ||
| return new String(Base64.encode(tw.getBytes())); | ||
| } | ||
| if (pk instanceof DSAPublicKey) { |
Member
Author
There was a problem hiding this comment.
Our tests use RSA, so there is no need to even check for this.
| sshd.getProperties().put(SshServer.WELCOME_BANNER, "Welcome to the Mock SSH Server\n"); | ||
| sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider(new File(hostKey.getPath()))); | ||
| SimpleGeneratorHostKeyProvider hostKeyProvider = new SimpleGeneratorHostKeyProvider(new File(hostKey.getPath())); | ||
| hostKeyProvider.setAlgorithm(/* TODO when upgrading sshd: KeyUtils.RSA_ALGORITHM */"RSA"); // http://stackoverflow.com/a/33692432/12916 |
Member
Author
There was a problem hiding this comment.
Allow tests to run even with a newer ssh command connecting.
| job.getBuildersList().add(shell); | ||
|
|
||
| r.assertLogContains("Permission denied (publickey).", r.assertBuildStatus(Result.FAILURE, job.scheduleBuild2(0).get())); | ||
| r.assertLogContains("Failed to run ssh-add", r.assertBuildStatus(Result.FAILURE, job.scheduleBuild2(0).get())); |
Member
Author
There was a problem hiding this comment.
Used to proceed with the block even when the passphrase was bad, which did not make much sense—better to fail at once.
| * Stops the agent. | ||
| */ | ||
| void stop(); | ||
| void stop() throws IOException, InterruptedException; |
Member
Author
There was a problem hiding this comment.
These methods may now be running remote commands, so they should be allowed to throw reasonable exceptions.
| } finally { | ||
| purgeSockets(); | ||
| } | ||
| purgeSockets(); |
Member
Author
There was a problem hiding this comment.
Various updates related to exception handling from stop.
| SystemCredentialsProvider.getInstance().save(); | ||
|
|
||
| FreeStyleProject job = r.createFreeStyleProject(); | ||
| job.setAssignedNode(r.createSlave()); |
Member
Author
There was a problem hiding this comment.
Make sure the remote part works.
| story.j.assertBuildStatusSuccess(story.j.waitForCompletion(b)); | ||
|
|
||
| Pattern pattern = Pattern.compile("(?:SSH Agent (?:before|after) restart )/.+/ssh([0-9])+"); | ||
| Pattern pattern = Pattern.compile("(?:SSH Agent (?:before|after) restart )/.+/ssh-.+/agent.(\\d)+"); |
Member
Author
There was a problem hiding this comment.
Different socket path name patterns created by new implementation.
| <jenkins.version>1.609.3</jenkins.version> | ||
| <java.level>7</java.level> <!-- sshd-core is 7+ --> | ||
| <workflow-jenkins-plugin.version>1.9</workflow-jenkins-plugin.version> | ||
| <workflow-jenkins-plugin.version>1.14.2</workflow-jenkins-plugin.version> |
Member
Author
There was a problem hiding this comment.
The latest compatible with 1.609.3.
Member
Author
|
@reviewbybees done |
This was referenced Mar 10, 2021
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
JENKINS-36997; trying to finish #17.
-o HostKeyAlgorithms=ssh-dss(reference)ExecRemoteAgent.agent@reviewbybees