armbian-next: docker: passthrough of the SSH agent, via Docker magic on Darwin; enable for docker-shell and kernel-patches-to-git

- don't check/verify/update SSH-related hostkey etc for git tree push
Ricardo Pardini
2023-01-26 00:27:46 +01:00
parent 89d6c686c6
commit 6e267f5cd1
3 changed files with 25 additions and 2 deletions


@@ -11,6 +11,12 @@ function cli_docker_pre_run() {
} }
function cli_docker_run() { function cli_docker_run() {
case "${DOCKER_SUBCMD}" in
shell)
declare -g DOCKER_PASS_SSH_AGENT="yes" # Pass SSH agent to docker
;;
esac
LOG_SECTION="docker_cli_prepare" do_with_logging docker_cli_prepare LOG_SECTION="docker_cli_prepare" do_with_logging docker_cli_prepare
if [[ "${DOCKERFILE_GENERATE_ONLY}" == "yes" ]]; then if [[ "${DOCKERFILE_GENERATE_ONLY}" == "yes" ]]; then
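Review bot: The `shell)` arm turns on agent forwarding for every docker-shell session with no way to decline it, and the same unconditional assignment is added in `cli_patch_kernel_pre_run`. Once the socket is inside the container, any process running there can ask the host's agent to sign with the loaded keys for as long as the container lives, which is more than many interactive sessions need. Consider honouring a value the caller already set, for example `declare -g DOCKER_PASS_SSH_AGENT="${DOCKER_PASS_SSH_AGENT:-yes}"`, and extending the comment to say that the host agent becomes usable from inside the container. The body of cli_docker_run continues outside the hunk.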


@@ -1,5 +1,6 @@
function cli_patch_kernel_pre_run() { function cli_patch_kernel_pre_run() {
declare -g ARMBIAN_COMMAND_REQUIRE_BASIC_DEPS="yes" # Require prepare_host_basic to run before the command. declare -g ARMBIAN_COMMAND_REQUIRE_BASIC_DEPS="yes" # Require prepare_host_basic to run before the command.
declare -g DOCKER_PASS_SSH_AGENT="yes" # Pass SSH agent to docker
# "gimme root on a Linux machine" # "gimme root on a Linux machine"
cli_standard_relaunch_docker_or_sudo cli_standard_relaunch_docker_or_sudo
@@ -34,7 +35,7 @@ function cli_patch_kernel_run() {
"kernel-${LINUXFAMILY}-${KERNEL_MAJOR_MINOR}:${target_branch}") "kernel-${LINUXFAMILY}-${KERNEL_MAJOR_MINOR}:${target_branch}")
# Prepare the host and build kernel; without using standard build # Prepare the host and build kernel; without using standard build
prepare_host # This handles its own logging sections, and is possibly interactive. prepare_host # This handles its own logging sections, and is possibly interactive.
compile_kernel # This handles its own logging sections. compile_kernel # This handles its own logging sections.
display_alert "Done patching kernel" "${BRANCH} - ${LINUXFAMILY} - ${KERNEL_MAJOR_MINOR}" "cachehit" display_alert "Done patching kernel" "${BRANCH} - ${LINUXFAMILY} - ${KERNEL_MAJOR_MINOR}" "cachehit"
@@ -54,7 +55,9 @@ function cli_patch_kernel_run() {
display_alert "Git push command: " "${push_command[*]}" "info" display_alert "Git push command: " "${push_command[*]}" "info"
if [[ "${do_push}" == "yes" ]]; then if [[ "${do_push}" == "yes" ]]; then
display_alert "Pushing to ${target_branch}" "${target_repo_url}" "info" display_alert "Pushing to ${target_branch}" "${target_repo_url}" "info"
"${push_command[@]}" git_ensure_safe_directory "${SRC}/cache/git-bare/kernel"
# @TODO: do NOT allow shallow trees here, we need the full history to be able to push
GIT_SSH_COMMAND="ssh -o GlobalKnownHostsFile=/dev/null -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" "${push_command[@]}"
display_alert "Done pushing to ${target_branch}" "${summary_url}" "info" display_alert "Done pushing to ${target_branch}" "${summary_url}" "info"
fi fi
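Review bot: The `GIT_SSH_COMMAND` placed in front of `"${push_command[@]}"` switches host key verification off entirely (`StrictHostKeyChecking=no` with both known-hosts files set to `/dev/null`), so the push goes to whatever host answers for `${target_repo_url}` and nothing warns if that host is not the intended remote. A host impersonating the remote would receive the pushed tree while the user sees "Done pushing". If the problem being solved is only that the container has no known_hosts, keep verification and pin the key instead, for example `-o UserKnownHostsFile=<persistent-known_hosts-path> -o StrictHostKeyChecking=accept-new` (the path is a placeholder), so a changed key fails the push. cli_patch_kernel_run starts and ends outside the hunk.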


@@ -371,6 +371,20 @@ function docker_cli_prepare_launch() {
"--env" "GITHUB_WORKSPACE=${GITHUB_WORKSPACE}" "--env" "GITHUB_WORKSPACE=${GITHUB_WORKSPACE}"
) )
if [[ "${DOCKER_PASS_SSH_AGENT}" == "yes" ]]; then
declare ssh_socket_path="${SSH_AUTH_SOCK}"
if [[ "${OSTYPE}" == "darwin"* ]]; then # but probably only Docker Inc, not Rancher...
declare ssh_socket_path="/run/host-services/ssh-auth.sock" # this doesn't exist on-disk, it's "magic" from Docker Desktop
fi
if [[ "${ssh_socket_path}" != "" ]]; then
display_alert "Socket ${ssh_socket_path}" "SSH agent forwarding into Docker" "info"
DOCKER_ARGS+=("--env" "SSH_AUTH_SOCK=${ssh_socket_path}")
DOCKER_ARGS+=("--volume" "${ssh_socket_path}:${ssh_socket_path}")
else
display_alert "SSH agent forwarding" "not possible, SSH_AUTH_SOCK is not set" "wrn"
fi
fi
# If running on GitHub Actions, mount & forward some paths, so they're accessible inside Docker. # If running on GitHub Actions, mount & forward some paths, so they're accessible inside Docker.
if [[ "${CI}" == "true" ]] && [[ "${GITHUB_ACTIONS}" == "true" ]]; then if [[ "${CI}" == "true" ]] && [[ "${GITHUB_ACTIONS}" == "true" ]]; then
display_alert "Passing down to Docker" "GITHUB_OUTPUT: '${GITHUB_OUTPUT}'" "info" display_alert "Passing down to Docker" "GITHUB_OUTPUT: '${GITHUB_OUTPUT}'" "info"
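Review bot: On the non-Darwin path the value of `SSH_AUTH_SOCK` is bind-mounted without checking that it names a live socket; with `--volume`, Docker creates a missing host path as a directory, so a stale variable leaves an empty directory on the host and a broken agent in the container. Changing the test to `if [[ "${OSTYPE}" == "darwin"* || -S "${ssh_socket_path}" ]]; then` would route that case to the existing warning. The second `declare ssh_socket_path=` inside the Darwin branch can be a plain assignment, and on Darwin the "SSH_AUTH_SOCK is not set" warning can never fire, even when no agent is running on the host. docker_cli_prepare_launch starts and ends outside the hunk.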