From 57cc17d18415aecdfd1c6076ef67ed5c9f19b1cf Mon Sep 17 00:00:00 2001 From: Emre Erkunt Date: Tue, 23 Oct 2018 10:01:35 +0100 Subject: [PATCH 1/4] Added new files to .gitignore --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index d883c632..4b7b68bd 100644 --- a/.gitignore +++ b/.gitignore @@ -13,3 +13,5 @@ build dist example/tf_files/* terraform_compliance.egg-info + +.DS_Store \ No newline at end of file From 6e5279ae38c5b6d31cd402bd9c99593dd6683cc7 Mon Sep 17 00:00:00 2001 From: Emre Erkunt Date: Tue, 23 Oct 2018 12:05:53 +0100 Subject: [PATCH 2/4] Added initial support for SSH Authentication --- terraform_compliance/main.py | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/terraform_compliance/main.py b/terraform_compliance/main.py index 0174cfbb..84ad1d7a 100644 --- a/terraform_compliance/main.py +++ b/terraform_compliance/main.py @@ -10,15 +10,12 @@ __app_name__ = "terraform-compliance" -__version__ = "0.3.10" +__version__ = "0.4.0" class ArgHandling(object): pass -#TODO: Handle all directory/protocol handling via a better class structure here. -#TODO: Extend git: (on features or tf files argument) into native URLs instead of using a prefix here. - def cli(): args = ArgHandling() parser = ArgumentParser(prog=__app_name__, @@ -28,6 +25,8 @@ def cli(): parser.add_argument("--tfdir", "-t", dest="tf_dir", metavar='terraform_directory', action=ReadableDir, help="Directory (or git repository with 'git:' prefix) consists of Terraform Files", required=True) + parser.add_argument("--identity", "-i", dest="ssh_key", metavar='ssh_private_key', type=str, nargs='?', + help="SSH Private key that will be use on git authentication.", required=False) parser.add_argument("--version", "-v", action="version", version=__version__) _, radish_arguments = parser.parse_known_args(namespace=args) @@ -37,20 +36,26 @@ def cli(): steps_directory = os.path.join(os.path.split(os.path.abspath(__file__))[0], 'steps') print('Steps : {}'.format(steps_directory)) + # SSH Key is given for git authentication + ssh_cmd = {} + if args.ssh_key: + ssh_cmd = {"GIT_SSH_COMMAND": "ssh -i {}".format(args.ssh_key)} + # A remote repository used here - if args.features.startswith('http'): + if args.features.startswith(('http', 'https', 'ssh')): features_git_repo = args.features args.features = mkdtemp() - Repo.clone_from(features_git_repo, args.features) + + Repo.clone_from(url=features_git_repo, to_path=args.features, env=ssh_cmd) features_directory = os.path.join(os.path.abspath(args.features)) print('Features : {}{}'.format(features_directory, (' ({})'.format(features_git_repo) if 'features_git_repo' in locals() else ''))) tf_tmp_dir = mkdtemp() # A remote repository is used here. - if args.tf_dir.startswith('http'): + if args.tf_dir.startswith(('http', 'https', 'ssh')): tf_git_repo = args.tf_dir - Repo.clone_from(tf_git_repo, tf_tmp_dir) + Repo.clone_from(url=tf_git_repo, to_path=tf_tmp_dir, env=ssh_cmd) # A local directory is used here else: From 4fe270c8f2cb99618c05c8689d923a3cd68b37c7 Mon Sep 17 00:00:00 2001 From: Emre Erkunt Date: Tue, 23 Oct 2018 12:10:34 +0100 Subject: [PATCH 3/4] Added a new functionality where SSH Authentication against git repositoriy with a private key is supported. --- README.md | 9 +++++++++ terraform_compliance/main.py | 2 +- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 3f89aa51..b5015380 100644 --- a/README.md +++ b/README.md @@ -57,6 +57,8 @@ optional arguments: Directory consists of BDD features --tfdir terraform_directory, -t terraform_directory Directory consists of Terraform Files + --identity ssh_private_key, -i ssh_private_key + SSH Private key file used for GIT authentication ``` You can also push additional arguments that is specific for `radish`. Just to explain how it works ; @@ -110,6 +112,13 @@ or if all of your features/terraform files are in a remote git repository, you c -t git:https://some.git.repository/terraform-repo.git ``` +## Running terraform-compliance with private GIT repositories +terraform-compliance 0.4.0 supports ssh authentication via git repositories. All you need to do is using `-i` flag and +pointing your ssh private key for git authentication + +``` +~# terraform-compliance -f /path/to/features -t git:ssh://fqdn/path/go/repo.git -i /path/to/private.key +``` ## Example ![Example Run](terraform-compliance-demo.gif) diff --git a/terraform_compliance/main.py b/terraform_compliance/main.py index 84ad1d7a..e7dc9238 100644 --- a/terraform_compliance/main.py +++ b/terraform_compliance/main.py @@ -39,7 +39,7 @@ def cli(): # SSH Key is given for git authentication ssh_cmd = {} if args.ssh_key: - ssh_cmd = {"GIT_SSH_COMMAND": "ssh -i {}".format(args.ssh_key)} + ssh_cmd = {"GIT_SSH_COMMAND": "ssh -l {} -i {}".format('git', args.ssh_key)} # A remote repository used here if args.features.startswith(('http', 'https', 'ssh')): From 3990a0806fcfff818c1a6ba7ba95b3f5355df81e Mon Sep 17 00:00:00 2001 From: Emre Erkunt Date: Tue, 23 Oct 2018 12:11:34 +0100 Subject: [PATCH 4/4] Updated README.md for git authentication --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index b5015380..6420b8ed 100644 --- a/README.md +++ b/README.md @@ -120,6 +120,9 @@ pointing your ssh private key for git authentication ~# terraform-compliance -f /path/to/features -t git:ssh://fqdn/path/go/repo.git -i /path/to/private.key ``` +If you already configured your `~/.ssh/config` and pointing remote host, and private key file, you don't even need to +use `-i` argument, it will be used automatically. + ## Example ![Example Run](terraform-compliance-demo.gif) ```bash