RubyGems - aptible-api - Versions diffs - 0.9.15 → 0.9.16 - Mend

aptible-api 0.9.15 → 0.9.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/lib/aptible/api/account.rb +2 -0
data/lib/aptible/api/operation.rb +32 -14
data/lib/aptible/api/resource.rb +1 -0
data/lib/aptible/api/stack.rb +19 -0
data/lib/aptible/api/version.rb +1 -1
data/spec/aptible/api/operation_spec.rb +25 -6
metadata +3 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b9c6eb639f828bf55b97ce98c42466f95783b119
-  data.tar.gz: 52664905bf0e652c6c19bd7df7dc5e254b1f0da1
+  metadata.gz: e448a72c9df895660ae7688754e17d297a0b4741
+  data.tar.gz: 4c521134184f9330a16fb021f91905da45bef81e
 SHA512:
-  metadata.gz: 449f42a33175161bfed43ea14de05fb08ee2338860909b358f4f7098b5f029a08e19e47c0861b76152a1d6aa53ed37f685a39dfcc5aa56742cb00ca0f2e21727
-  data.tar.gz: 214c2eb943a3ebf04e77cad57dd01cd2a210678aa3c46aa8ba99dd0198a95c2328ab108996e225e3717b669a9c7be0c2f9f5fa6db617da4422d32eee76d9adc4
+  metadata.gz: bae1439466c61b7c4c663c3b2969efdbe4383a35fa080cd9e074bbcc9cd95fe2ab9642430ae57c6d4435122b75a964ab0326ecfce6031838db3feb0fb8688045
+  data.tar.gz: cd65a940153c1fa2ad0bad6455ca7898002eab61e8ace10dc4deb33618efaf48426cd0355d5a565760d6a31d3d1f5d03bb2d8e8f822c552b09b92c7a2e740a8d

data/lib/aptible/api/account.rb CHANGED Viewed

@@ -3,6 +3,8 @@ require 'aptible/auth'
 module Aptible
   module Api
     class Account < Resource
+      belongs_to :stack
       has_many :apps
       has_many :backups
       has_many :certificates

data/lib/aptible/api/operation.rb CHANGED Viewed

@@ -57,25 +57,43 @@ module Aptible
         connection = create_ssh_portal_connection!(ssh_public_key: public_key)
         certificate = connection.ssh_certificate_body
-        with_temporary_id(private_key, public_key, certificate) do |id_file|
-          cmd = [
-            'ssh',
-            "#{connection.ssh_user}@#{account.bastion_host}",
-            '-p', account.ssh_portal_port.to_s,
-            '-i', id_file,
-            '-o', 'IdentitiesOnly=yes'
-          ]
-          # If we aren't allowed to create a pty, then we shouldn't try to
-          # allocate once, or we'll get an awkward error.
-          cmd << '-T' unless connection.ssh_pty
-          yield cmd, connection
+        stack = account.stack
+        host = stack.ssh_portal_host
+        port = stack.ssh_portal_port
+        key = stack.ssh_host_rsa_public_key
+        with_temporary_known_hosts(host, port, key) do |known_hosts_file|
+          with_temporary_id(private_key, public_key, certificate) do |id_file|
+            cmd = [
+              'ssh',
+              "#{connection.ssh_user}@#{host}",
+              '-p', port.to_s,
+              '-i', id_file,
+              '-o', 'IdentitiesOnly=yes',
+              '-o', "UserKnownHostsFile=#{known_hosts_file}",
+              '-o', 'StrictHostKeyChecking=yes'
+            ]
+            # If we aren't allowed to create a pty, then we shouldn't try to
+            # allocate once, or we'll get an awkward error.
+            cmd << '-T' unless connection.ssh_pty
+            yield cmd, connection
+          end
         end
       end
       private
+      def with_temporary_known_hosts(host, port, key)
+        Dir.mktmpdir do |dir|
+          known_hosts_file = File.join(dir, 'known_hosts')
+          contents = "[#{host}]:#{port} #{key}\n"
+          File.open(known_hosts_file, 'w', 0o600) { |f| f.write(contents) }
+          yield known_hosts_file
+        end
+      end
       def with_temporary_id(private_key, public_key, certificate)
         # Most versions of OpenSSH don't support specifying the SSH certificate
         # to use when connecting, so we create a temporary directory with the

data/lib/aptible/api/resource.rb CHANGED Viewed

@@ -31,3 +31,4 @@ require 'aptible/api/release'
 require 'aptible/api/service'
 require 'aptible/api/vhost'
 require 'aptible/api/ssh_portal_connection'
+require 'aptible/api/stack'

data/lib/aptible/api/stack.rb ADDED Viewed

@@ -0,0 +1,19 @@
+module Aptible
+  module Api
+    class Stack < Resource
+      field :id
+      field :type
+      field :name
+      field :version
+      field :region
+      field :default, type: Aptible::Resource::Boolean
+      field :ssh_host_dsa_public_key
+      field :ssh_host_rsa_public_key
+      field :ssh_host_ecdsa_public_key
+      field :ssh_portal_host
+      field :ssh_portal_port
+      field :created_at, type: Time
+      field :updated_at, type: Time
+    end
+  end
+end

data/lib/aptible/api/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Aptible
   module Api
-    VERSION = '0.9.15'.freeze
+    VERSION = '0.9.16'.freeze
   end
 end

data/spec/aptible/api/operation_spec.rb CHANGED Viewed

@@ -3,15 +3,22 @@ require 'spec_helper'
 describe Aptible::Api::Operation do
   describe '#with_ssh_cmd' do
     shared_examples '#with_ssh_cmd examples' do
-      let(:account) do
+      let(:stack) do
         Aptible::Api::Account.new.tap do |account|
           account.stub(
-            bastion_host: 'foo-bastion.com',
-            ssh_portal_port: 1022
+            ssh_portal_host: 'foo-bastion.com',
+            ssh_portal_port: 1022,
+            ssh_host_rsa_public_key: 'some rsa key'
           )
         end
       end
+      let(:account) do
+        Aptible::Api::Account.new.tap do |account|
+          account.stub(stack: stack)
+        end
+      end
       let(:ssh_portal_connection) do
         Aptible::Api::SshPortalConnection.new.tap do |connection|
           connection.stub(
@@ -55,6 +62,14 @@ describe Aptible::Api::Operation do
           expect(File.read("#{id_file}.pub")).to eq('some public key')
           expect(File.read("#{id_file}-cert.pub")).to eq('some certificate')
+          hosts_param = cmd.find { |p| p.start_with?('UserKnownHostsFile') }
+          expect(cmd[cmd.index(hosts_param) - 1]).to eq('-o')
+          expect(hosts_param).not_to be_nil
+          hosts_file = hosts_param.split('=')[1]
+          expect(File.read(hosts_file))
+            .to eq("[foo-bastion.com]:1022 some rsa key\n")
           expect(File.readable?(id_file)).to be_truthy
           expect(File.writable?(id_file)).to be_truthy
@@ -69,9 +84,13 @@ describe Aptible::Api::Operation do
             expect(cmd).to include('-T')
           end
-          identities_only = 'IdentitiesOnly=yes'
-          expect(cmd).to include(identities_only)
-          expect(cmd[cmd.index(identities_only) - 1]).to eq('-o')
+          [
+            'IdentitiesOnly=yes',
+            'StrictHostKeyChecking=yes'
+          ].each do |option|
+            expect(cmd).to include(option)
+            expect(cmd[cmd.index(option) - 1]).to eq('-o')
+          end
           has_yielded = true
         end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aptible-api
 version: !ruby/object:Gem::Version
-  version: 0.9.15
+  version: 0.9.16
 platform: ruby
 authors:
 - Frank Macreery
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-12-13 00:00:00.000000000 Z
+date: 2017-01-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aptible-resource
@@ -185,6 +185,7 @@ files:
 - lib/aptible/api/resource.rb
 - lib/aptible/api/service.rb
 - lib/aptible/api/ssh_portal_connection.rb
+- lib/aptible/api/stack.rb
 - lib/aptible/api/version.rb
 - lib/aptible/api/vhost.rb
 - spec/aptible/api/agent_spec.rb