From 73ef892fbf37c9d5c2f25a1db663cc8721bdc487 Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Thu, 11 Mar 2021 12:50:18 -0600 Subject: [PATCH 1/3] make add-itest-user scripts more verbose --- .circle/add-itest-user.sh | 2 +- scripts/travis/add-itest-user-key.sh | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.circle/add-itest-user.sh b/.circle/add-itest-user.sh index b78a62e5b9..7685a9e676 100755 --- a/.circle/add-itest-user.sh +++ b/.circle/add-itest-user.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -set -e +set -ex if [ "$(whoami)" != 'root' ]; then echo 'Please run with sudo' diff --git a/scripts/travis/add-itest-user-key.sh b/scripts/travis/add-itest-user-key.sh index 504087dfdc..a8ae6f6f8e 100755 --- a/scripts/travis/add-itest-user-key.sh +++ b/scripts/travis/add-itest-user-key.sh @@ -1,13 +1,13 @@ #!/usr/bin/env bash -set -e +set -ex mkdir -p ~/.ssh # Generate ssh keys on StackStorm box and copy over public key into remote box. ssh-keygen -f ~/.ssh/st2_id_rsa -P "" # Authorize key-base acces -sudo bash -c "cat ~/.ssh/st2_id_rsa.pub >> ~/.ssh/authorized_keys" +sudo bash -xc "cat ~/.ssh/st2_id_rsa.pub >> ~/.ssh/authorized_keys" sudo chmod 0600 ~/.ssh/authorized_keys sudo chmod 0700 ~/.ssh sudo chown -R "${ST2_CI_USER}:${ST2_CI_USER}" ~/.ssh From f5f66d02de357f4016be3d7d67dc2f88b67c0f65 Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Thu, 11 Mar 2021 12:57:40 -0600 Subject: [PATCH 2/3] debug GHA sudoers config --- scripts/travis/add-itest-user-key.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/travis/add-itest-user-key.sh b/scripts/travis/add-itest-user-key.sh index a8ae6f6f8e..2ac1d13b57 100755 --- a/scripts/travis/add-itest-user-key.sh +++ b/scripts/travis/add-itest-user-key.sh @@ -2,6 +2,8 @@ set -ex mkdir -p ~/.ssh +# what is messing up $HOME? +sudo grep -ri ENV /etc/sudoers* # Generate ssh keys on StackStorm box and copy over public key into remote box. ssh-keygen -f ~/.ssh/st2_id_rsa -P "" From bf80b4c5a363d9379df02f2a890c486b4a2fba3c Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Thu, 11 Mar 2021 13:06:15 -0600 Subject: [PATCH 3/3] use sudo -E to preserve env vars --- scripts/travis/add-itest-user-key.sh | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/scripts/travis/add-itest-user-key.sh b/scripts/travis/add-itest-user-key.sh index 2ac1d13b57..7cf9d1452d 100755 --- a/scripts/travis/add-itest-user-key.sh +++ b/scripts/travis/add-itest-user-key.sh @@ -2,14 +2,13 @@ set -ex mkdir -p ~/.ssh -# what is messing up $HOME? -sudo grep -ri ENV /etc/sudoers* # Generate ssh keys on StackStorm box and copy over public key into remote box. ssh-keygen -f ~/.ssh/st2_id_rsa -P "" +# sudo -E = preserve HOME var # Authorize key-base acces -sudo bash -xc "cat ~/.ssh/st2_id_rsa.pub >> ~/.ssh/authorized_keys" -sudo chmod 0600 ~/.ssh/authorized_keys -sudo chmod 0700 ~/.ssh -sudo chown -R "${ST2_CI_USER}:${ST2_CI_USER}" ~/.ssh +sudo -E bash -xc "cat ~/.ssh/st2_id_rsa.pub >> ~/.ssh/authorized_keys" +sudo -E chmod 0600 ~/.ssh/authorized_keys +sudo -E chmod 0700 ~/.ssh +sudo -E chown -R "${ST2_CI_USER}:${ST2_CI_USER}" ~/.ssh