infra/codestorage/hg-ssh
2015-10-15
Parent:bf7b66df555f
infra/codestorage/hg-ssh/run.sh
Pull hostkeys when pulling SSH keys. Rather than relying on Kubernetes secrets and baking public keys right in, which was bound to get fraught, we now have some graceful degradation. It defaults to automatically-generated random keys, but will try to download some keys from Google Cloud Storage for the host. If it can find some, it'll try to use those, instead.
| paddy@1 | 1 #!/bin/bash |
| paddy@1 | 2 |
| paddy@1 | 3 # We need to reexecute these commands |
| paddy@1 | 4 # because Kubernetes doesn't use the |
| paddy@1 | 5 # VOLUME commands in the Dockerfiles |
| paddy@1 | 6 # when using volumes. So this makes |
| paddy@1 | 7 # things work on Kubernetes, but the |
| paddy@1 | 8 # Dockerfile makes things work when |
| paddy@1 | 9 # running locally. |
| paddy@1 | 10 mkdir -p /mounted/repos |
| paddy@1 | 11 chgrp -R committers /mounted |
| paddy@1 | 12 chmod -R 0770 /mounted |
| paddy@1 | 13 |
| paddy@1 | 14 /bin/bash /usr/local/bin/helpers/pull.sh |
| paddy@1 | 15 /bin/bash /usr/local/bin/helpers/pullkeys.sh |
| paddy@5 | 16 |
| paddy@1 | 17 /usr/sbin/sshd -D |