From: Luis Chamberlain
To: kdevops@lists.linux.dev
Cc: Luis Chamberlain
Subject: [PATCH 8/8] guestfs: verify new line on ssh include directive
Date: Thu, 7 Mar 2024 16:03:59 -0800
Message-ID: <20240308000400.1646823-9-mcgrof@kernel.org>
In-Reply-To: <20240308000400.1646823-1-mcgrof@kernel.org>
References: <20240308000400.1646823-1-mcgrof@kernel.org>

If the ansible task added the include directive for kdevops and later
a new host entry was added (say with Vagrant), it means the Include
directive is followed by an entry without a new line. This will mean
ssh won't use that include file. So we need to be a bit paranoid with
this effort.

So we are going to first check if this sanity check was done first by
looking for a special new tag we're going to add now, if that exists we
know we've done our job and can bail. Otherwise we're going to remove
the old stale line, move it to the top and ensure it's at the top of
the file.

To ensure a new line is used we use the ansible block module, and we
take advantage of this by adding the version of kdevops we use to add
this. That's our marker that the include directive is OK.

Fixes: e9390b898f98 ("guestfs: add the Include directive to ~/.ssh/config")
Signed-off-by: Luis Chamberlain --- .../update_ssh_config_guestfs/tasks/main.yml | 58 ++++++++++++++++++- scripts/bringup_guestfs.sh | 1 - scripts/guestfs.Makefile | 1 + 3 files changed, 57 insertions(+), 3 deletions(-) diff --git a/playbooks/roles/update_ssh_config_guestfs/tasks/main.yml b/playbooks/roles/update_ssh_config_guestfs/tasks/main.yml index 368f9941..4ac1ce44 100644 --- a/playbooks/roles/update_ssh_config_guestfs/tasks/main.yml +++ b/playbooks/roles/update_ssh_config_guestfs/tasks/main.yml 
@@ -1,6 +1,60 @@ -- name: Add Include directive to ~/.ssh/config +# Check if the include directive is already presetn +- name: Check if the kdevops include directive was used + lineinfile: + path: ~/.ssh/config + regexp: "Include ~/.ssh/config_kdevops_*" + state: absent + check_mode: yes + changed_when: false + register: kdevops_ssh_include + +# Check if the the kdevops_version was added in a comment +- name: Check if the new include directive was used with a kdevops_version comment + lineinfile: + path: ~/.ssh/config + regexp: "^#(.*)kdevops_version(.*)" + state: absent + check_mode: yes + changed_when: false + register: fixed_ssh_entry + +# If both the include directive was found and kdevops version comment was found +# we bail right away to avoid updating the ssh config file always. +- name: Check if the new fixed include directive was used + meta: end_play + when: + - kdevops_ssh_include.found + - fixed_ssh_entry.found + +# If we're still running it means the correct include directive following a new +# line was not found. So remove old stale include directives which may be +# buggy. +- name: Add remove buggy stale include directive to ~/.ssh/config without a new line which was buggy lineinfile: path: ~/.ssh/config line: "Include ~/.ssh/config_kdevops_*" - insertbefore: "BOF" + state: absent + +- name: Remove any stale kdevops comments + lineinfile: + path: ~/.ssh/config + regexp: "^#(.*)kdevops(.*)" + state: absent + +- name: Remove any extra new lines + replace: + path: ~/.ssh/config + regexp: '(^\s*$)' + replace: '' + +# ssh include directives must follow a new line. +- name: Add Include directive to ~/.ssh/config + blockinfile: + path: ~/.ssh/config + insertbefore: BOF + marker: "{mark}" + marker_begin: "# Automatically added by kdevops\n# kdevops_version: {{ kdevops_version }}" + marker_end: "" create: true + block: | + Include ~/.ssh/config_kdevops_* diff --git a/scripts/bringup_guestfs.sh b/scripts/bringup_guestfs.sh index b55b6a92..2b5b3857 100755 
--- a/scripts/bringup_guestfs.sh +++ b/scripts/bringup_guestfs.sh @@ -109,7 +109,6 @@ do cp --reflink=auto $BASE_IMAGE $ROOTIMG virt-sysprep -a $ROOTIMG --hostname $name --ssh-inject "kdevops:file:$SSH_KEY.pub" - if [[ "$CONFIG_LIBVIRT_ENABLE_LARGEIO" == "y" ]]; then lbs_idx=1 for i in $(seq 1 $(($CONFIG_QEMU_LARGEIO_MAX_POW_LIMIT+1))); do diff --git a/scripts/guestfs.Makefile b/scripts/guestfs.Makefile index 6328cfd5..cfa59cc6 100644 --- a/scripts/guestfs.Makefile +++ b/scripts/guestfs.Makefile @@ -66,6 +66,7 @@ $(KDEVOPS_PROVISIONED_SSH): ansible-playbook $(ANSIBLE_VERBOSE) --connection=local \ --inventory localhost, \ playbooks/update_ssh_config_guestfs.yml \ + --extra-vars=@./extra_vars.yaml \ -e 'ansible_python_interpreter=/usr/bin/python3' ;\ LIBVIRT_DEFAULT_URI=$(CONFIG_LIBVIRT_URI) $(TOPDIR)/scripts/update_ssh_config_guestfs.py; \ fi -- 2.43.0
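Review bot: In the playbooks/roles/update_ssh_config_guestfs/tasks/main.yml hunk, the cleanup tasks "Remove any stale kdevops comments" and "Remove any extra new lines" act on the whole of ~/.ssh/config rather than on what kdevops wrote. The regexp '^#(.*)kdevops(.*)' deletes every comment line that mentions kdevops, including ones the user wrote, and the replace on '(^\s*$)' rewrites blank-line whitespace throughout the user's file. Narrow the first to the exact marker text ('# Automatically added by kdevops' and '# kdevops_version:') and drop or scope the second. Two smaller points in the same hunk: the regexp 'Include ~/.ssh/config_kdevops_*' is unanchored and unescaped, so '_*' means zero or more underscores and '.' matches any character; '^Include ~/\.ssh/config_kdevops_\*' says what is meant. And marker_begin embeds a '\n' while marker_end is empty, which gives blockinfile no single-line marker pair to find on a later run, so idempotence rests entirely on the 'meta: end_play' guard; that dependency deserves a comment next to the task.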
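Review bot: The scripts/bringup_guestfs.sh hunk at -109,7 only deletes the blank line after the virt-sysprep call, which is unrelated to the ssh Include fix described in the commit message. Drop it from this patch or send it as a separate whitespace cleanup so the Fixes: tag covers only the ssh config change.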
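Review bot: In the scripts/guestfs.Makefile hunk, the added '--extra-vars=@./extra_vars.yaml' is the only source shown for the '{{ kdevops_version }}' used in marker_begin, and the playbook never checks that the variable is defined before its earlier tasks delete the existing Include line. If extra_vars.yaml lacks kdevops_version, the run fails at the blockinfile task and leaves ~/.ssh/config with the Include directive removed. Add an assert on 'kdevops_version is defined' as the first task of the role, or move the removal tasks after a check that the replacement can be rendered.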