train-core 3.7.4 → 3.8.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/train/extras/command_wrapper.rb +3 -0
- data/lib/train/transports/ssh.rb +41 -9
- data/lib/train/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0e3153fa7d5928d42936093a793c001b1c0988a10c320edba2b887f63a1ec4ab
|
|
4
|
+
data.tar.gz: 3da18aa2c5e772b2881a670c23074c1775d1d560a87576fdd15d885e4e954c79
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c64082d00fb778a8326543df95888d03c98a4223a54dfc2073087c7dcef695ca9ca9d8e2c40f5980a9d726431b431283e5a205ba2cdbe1ec2c9a38ce8966be0b
|
|
7
|
+
data.tar.gz: b10c8793c74e7ae271eaae49e94a7222c1b347ad808d3a16b68f23564c03a6fec5baea0bf8209a99330f3dfcfc76a61a5ef1b1b5df8ff403d995c1fda37f7536
|
|
@@ -81,6 +81,9 @@ module Train::Extras
|
|
|
81
81
|
when /sudo: sorry, you must have a tty to run sudo/
|
|
82
82
|
["Sudo requires a TTY. Please see the README on how to configure "\
|
|
83
83
|
"sudo to allow for non-interactive usage.", :sudo_no_tty]
|
|
84
|
+
when /sudo: a terminal is required to read the password; either use/
|
|
85
|
+
["Sudo cannot prompt for password because there is no terminal. "\
|
|
86
|
+
"Please provide the sudo password directly", :sudo_missing_terminal]
|
|
84
87
|
else
|
|
85
88
|
[rawerr, nil]
|
|
86
89
|
end
|
data/lib/train/transports/ssh.rb
CHANGED
|
@@ -42,12 +42,12 @@ module Train::Transports
|
|
|
42
42
|
include_options Train::Extras::CommandWrapper
|
|
43
43
|
|
|
44
44
|
# common target configuration
|
|
45
|
-
option :host,
|
|
46
|
-
option :
|
|
47
|
-
option :
|
|
45
|
+
option :host, required: true
|
|
46
|
+
option :ssh_config_file, default: true
|
|
47
|
+
option :port, default: 22, coerce: proc { |v| read_options_from_ssh_config(v, :port) }, required: true
|
|
48
|
+
option :user, default: "root", coerce: proc { |v| read_options_from_ssh_config(v, :user) }, required: true
|
|
48
49
|
option :key_files, default: nil
|
|
49
50
|
option :password, default: nil
|
|
50
|
-
|
|
51
51
|
# additional ssh options
|
|
52
52
|
option :keepalive, default: true
|
|
53
53
|
option :keepalive_interval, default: 60
|
|
@@ -75,6 +75,7 @@ module Train::Transports
|
|
|
75
75
|
|
|
76
76
|
# (see Base#connection)
|
|
77
77
|
def connection(state = {}, &block)
|
|
78
|
+
apply_ssh_config_file(options[:host])
|
|
78
79
|
opts = merge_options(options, state || {})
|
|
79
80
|
validate_options(opts)
|
|
80
81
|
conn_opts = connection_options(opts)
|
|
@@ -90,12 +91,36 @@ module Train::Transports
|
|
|
90
91
|
# Params options [Hash], option_type [String]
|
|
91
92
|
# Return String
|
|
92
93
|
def self.read_options_from_ssh_config(options, option_type)
|
|
93
|
-
|
|
94
|
+
files = options[:ssh_config_file].nil? || options[:ssh_config_file] == true ? Net::SSH::Config.default_files : options[:ssh_config_file]
|
|
95
|
+
config_options = Net::SSH::Config.for(options[:host], files)
|
|
94
96
|
config_options[option_type]
|
|
95
97
|
end
|
|
96
98
|
|
|
99
|
+
def apply_ssh_config_file(host)
|
|
100
|
+
files = options[:ssh_config_file] == true ? Net::SSH::Config.default_files : options[:ssh_config_file]
|
|
101
|
+
host_cfg = ssh_config_file_for_host(host, files)
|
|
102
|
+
host_cfg.each do |key, value|
|
|
103
|
+
# setting the key_files option to the private keys set in ssh config file
|
|
104
|
+
if key == :keys && options[:key_files].nil? && !host_cfg[:keys].nil? && options[:password].nil?
|
|
105
|
+
options[:key_files] = host_cfg[key]
|
|
106
|
+
elsif options[key].nil?
|
|
107
|
+
# Precedence is given to the option set by the user manually.
|
|
108
|
+
# And only assigning value to the option from the ssh config file when it is not set by the user
|
|
109
|
+
# in the option. When the option has a default value for e.g. option "keepalive_interval" has the "60" as the default
|
|
110
|
+
# value, then the default value will be used even though the value for "user" is present in the ssh
|
|
111
|
+
# config file. That is because the precedence is to the options set manually, and currently we don't have
|
|
112
|
+
# any way to differentiate between the value set by the user or is it the default. This has a future of improvement.
|
|
113
|
+
options[key] = host_cfg[key]
|
|
114
|
+
end
|
|
115
|
+
end
|
|
116
|
+
end
|
|
117
|
+
|
|
97
118
|
private
|
|
98
119
|
|
|
120
|
+
def ssh_config_file_for_host(host, files)
|
|
121
|
+
Net::SSH::Config.for(host, files)
|
|
122
|
+
end
|
|
123
|
+
|
|
99
124
|
def reusable_connection?(conn_opts)
|
|
100
125
|
return false unless @connection_options
|
|
101
126
|
|
|
@@ -109,14 +134,18 @@ module Train::Transports
|
|
|
109
134
|
key_files = Array(options[:key_files])
|
|
110
135
|
options[:auth_methods] ||= ["none"]
|
|
111
136
|
|
|
112
|
-
|
|
113
|
-
|
|
137
|
+
# by default auth_methods has a default values [none publickey password keyboard-interactive]
|
|
138
|
+
# REF: https://github.com/net-ssh/net-ssh/blob/master/lib/net/ssh/authentication/session.rb#L48
|
|
139
|
+
if key_files.empty?
|
|
140
|
+
options[:auth_methods].delete("publickey")
|
|
141
|
+
else
|
|
114
142
|
options[:keys_only] = true if options[:password].nil?
|
|
115
143
|
options[:key_files] = key_files
|
|
116
144
|
end
|
|
117
145
|
|
|
118
|
-
|
|
119
|
-
options[:auth_methods].
|
|
146
|
+
if options[:password].nil?
|
|
147
|
+
options[:auth_methods].delete("password")
|
|
148
|
+
options[:auth_methods].delete("keyboard-interactive")
|
|
120
149
|
end
|
|
121
150
|
|
|
122
151
|
if options[:auth_methods] == ["none"]
|
|
@@ -131,6 +160,8 @@ module Train::Transports
|
|
|
131
160
|
end
|
|
132
161
|
end
|
|
133
162
|
|
|
163
|
+
options[:auth_methods] = options[:auth_methods].uniq
|
|
164
|
+
|
|
134
165
|
if options[:pty]
|
|
135
166
|
logger.warn("[SSH] PTY requested: stderr will be merged into stdout")
|
|
136
167
|
end
|
|
@@ -186,6 +217,7 @@ module Train::Transports
|
|
|
186
217
|
bastion_port: opts[:bastion_port],
|
|
187
218
|
non_interactive: opts[:non_interactive],
|
|
188
219
|
append_all_supported_algorithms: opts[:append_all_supported_algorithms],
|
|
220
|
+
config: options[:ssh_config_file],
|
|
189
221
|
transport_options: opts,
|
|
190
222
|
}
|
|
191
223
|
# disable host key verification. The hash key and value to use
|
data/lib/train/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: train-core
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.7
|
|
4
|
+
version: 3.8.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Chef InSpec Team
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-02-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: addressable
|