train-core 3.7.4 → 3.8.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/train/extras/command_wrapper.rb +3 -0
- data/lib/train/transports/ssh.rb +41 -9
- data/lib/train/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0e3153fa7d5928d42936093a793c001b1c0988a10c320edba2b887f63a1ec4ab
|
|
4
|
+
data.tar.gz: 3da18aa2c5e772b2881a670c23074c1775d1d560a87576fdd15d885e4e954c79
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c64082d00fb778a8326543df95888d03c98a4223a54dfc2073087c7dcef695ca9ca9d8e2c40f5980a9d726431b431283e5a205ba2cdbe1ec2c9a38ce8966be0b
|
|
7
|
+
data.tar.gz: b10c8793c74e7ae271eaae49e94a7222c1b347ad808d3a16b68f23564c03a6fec5baea0bf8209a99330f3dfcfc76a61a5ef1b1b5df8ff403d995c1fda37f7536
|
|
@@ -81,6 +81,9 @@ module Train::Extras
|
|
|
81
81
|
when /sudo: sorry, you must have a tty to run sudo/
|
|
82
82
|
["Sudo requires a TTY. Please see the README on how to configure "\
|
|
83
83
|
"sudo to allow for non-interactive usage.", :sudo_no_tty]
|
|
84
|
+
when /sudo: a terminal is required to read the password; either use/
|
|
85
|
+
["Sudo cannot prompt for password because there is no terminal. "\
|
|
86
|
+
"Please provide the sudo password directly", :sudo_missing_terminal]
|
|
84
87
|
else
|
|
85
88
|
[rawerr, nil]
|
|
86
89
|
end
|
data/lib/train/transports/ssh.rb
CHANGED
|
@@ -42,12 +42,12 @@ module Train::Transports
|
|
|
42
42
|
include_options Train::Extras::CommandWrapper
|
|
43
43
|
|
|
44
44
|
# common target configuration
|
|
45
|
-
option :host,
|
|
46
|
-
option :
|
|
47
|
-
option :
|
|
45
|
+
option :host, required: true
|
|
46
|
+
option :ssh_config_file, default: true
|
|
47
|
+
option :port, default: 22, coerce: proc { |v| read_options_from_ssh_config(v, :port) }, required: true
|
|
48
|
+
option :user, default: "root", coerce: proc { |v| read_options_from_ssh_config(v, :user) }, required: true
|
|
48
49
|
option :key_files, default: nil
|
|
49
50
|
option :password, default: nil
|
|
50
|
-
|
|
51
51
|
# additional ssh options
|
|
52
52
|
option :keepalive, default: true
|
|
53
53
|
option :keepalive_interval, default: 60
|
|
@@ -75,6 +75,7 @@ module Train::Transports
|
|
|
75
75
|
|
|
76
76
|
# (see Base#connection)
|
|
77
77
|
def connection(state = {}, &block)
|
|
78
|
+
apply_ssh_config_file(options[:host])
|
|
78
79
|
opts = merge_options(options, state || {})
|
|
79
80
|
validate_options(opts)
|
|
80
81
|
conn_opts = connection_options(opts)
|
|
@@ -90,12 +91,36 @@ module Train::Transports
|
|
|
90
91
|
# Params options [Hash], option_type [String]
|
|
91
92
|
# Return String
|
|
92
93
|
def self.read_options_from_ssh_config(options, option_type)
|
|
93
|
-
|
|
94
|
+
files = options[:ssh_config_file].nil? || options[:ssh_config_file] == true ? Net::SSH::Config.default_files : options[:ssh_config_file]
|
|
95
|
+
config_options = Net::SSH::Config.for(options[:host], files)
|
|
94
96
|
config_options[option_type]
|
|
95
97
|
end
|
|
96
98
|
|
|
99
|
+
def apply_ssh_config_file(host)
|
|
100
|
+
files = options[:ssh_config_file] == true ? Net::SSH::Config.default_files : options[:ssh_config_file]
|
|
101
|
+
host_cfg = ssh_config_file_for_host(host, files)
|
|
102
|
+
host_cfg.each do |key, value|
|
|
103
|
+
# setting the key_files option to the private keys set in ssh config file
|
|
104
|
+
if key == :keys && options[:key_files].nil? && !host_cfg[:keys].nil? && options[:password].nil?
|
|
105
|
+
options[:key_files] = host_cfg[key]
|
|
106
|
+
elsif options[key].nil?
|
|
107
|
+
# Precedence is given to the option set by the user manually.
|
|
108
|
+
# And only assigning value to the option from the ssh config file when it is not set by the user
|
|
109
|
+
# in the option. When the option has a default value for e.g. option "keepalive_interval" has the "60" as the default
|
|
110
|
+
# value, then the default value will be used even though the value for "user" is present in the ssh
|
|
111
|
+
# config file. That is because the precedence is to the options set manually, and currently we don't have
|
|
112
|
+
# any way to differentiate between the value set by the user or is it the default. This has a future of improvement.
|
|
113
|
+
options[key] = host_cfg[key]
|
|
114
|
+
end
|
|
115
|
+
end
|
|
116
|
+
end
|
|
117
|
+
|
|
97
118
|
private
|
|
98
119
|
|
|
120
|
+
def ssh_config_file_for_host(host, files)
|
|
121
|
+
Net::SSH::Config.for(host, files)
|
|
122
|
+
end
|
|
123
|
+
|
|
99
124
|
def reusable_connection?(conn_opts)
|
|
100
125
|
return false unless @connection_options
|
|
101
126
|
|
|
@@ -109,14 +134,18 @@ module Train::Transports
|
|
|
109
134
|
key_files = Array(options[:key_files])
|
|
110
135
|
options[:auth_methods] ||= ["none"]
|
|
111
136
|
|
|
112
|
-
|
|
113
|
-
|
|
137
|
+
# by default auth_methods has a default values [none publickey password keyboard-interactive]
|
|
138
|
+
# REF: https://github.com/net-ssh/net-ssh/blob/master/lib/net/ssh/authentication/session.rb#L48
|
|
139
|
+
if key_files.empty?
|
|
140
|
+
options[:auth_methods].delete("publickey")
|
|
141
|
+
else
|
|
114
142
|
options[:keys_only] = true if options[:password].nil?
|
|
115
143
|
options[:key_files] = key_files
|
|
116
144
|
end
|
|
117
145
|
|
|
118
|
-
|
|
119
|
-
options[:auth_methods].
|
|
146
|
+
if options[:password].nil?
|
|
147
|
+
options[:auth_methods].delete("password")
|
|
148
|
+
options[:auth_methods].delete("keyboard-interactive")
|
|
120
149
|
end
|
|
121
150
|
|
|
122
151
|
if options[:auth_methods] == ["none"]
|
|
@@ -131,6 +160,8 @@ module Train::Transports
|
|
|
131
160
|
end
|
|
132
161
|
end
|
|
133
162
|
|
|
163
|
+
options[:auth_methods] = options[:auth_methods].uniq
|
|
164
|
+
|
|
134
165
|
if options[:pty]
|
|
135
166
|
logger.warn("[SSH] PTY requested: stderr will be merged into stdout")
|
|
136
167
|
end
|
|
@@ -186,6 +217,7 @@ module Train::Transports
|
|
|
186
217
|
bastion_port: opts[:bastion_port],
|
|
187
218
|
non_interactive: opts[:non_interactive],
|
|
188
219
|
append_all_supported_algorithms: opts[:append_all_supported_algorithms],
|
|
220
|
+
config: options[:ssh_config_file],
|
|
189
221
|
transport_options: opts,
|
|
190
222
|
}
|
|
191
223
|
# disable host key verification. The hash key and value to use
|
data/lib/train/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: train-core
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.7
|
|
4
|
+
version: 3.8.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Chef InSpec Team
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-02-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: addressable
|