diff options
author | Christopher Baines <mail@cbaines.net> | 2018-06-23 09:57:03 +0100 |
---|---|---|
committer | Christopher Baines <mail@cbaines.net> | 2018-06-23 12:58:05 +0100 |
commit | 837e1ecec9798381f78b838947f8028403cb0bef (patch) | |
tree | 984e25f96a490a3cbd1b20d6f50903aa6dacfd1d /app | |
parent | 0736fd5ab32eeb57de52fb6d581d16c2824b2fc2 (diff) | |
download | govuk-mini-environment-admin-837e1ecec9798381f78b838947f8028403cb0bef.tar govuk-mini-environment-admin-837e1ecec9798381f78b838947f8028403cb0bef.tar.gz |
Handle SSH keys via the database
This makes it more explicit, and works around Terraform being
unpredictable when dealing with SSH agents.
Diffstat (limited to 'app')
-rw-r--r-- | app/controllers/backends/terraform_aws_controller.rb | 4 | ||||
-rw-r--r-- | app/models/backends/terraform_aws.rb | 8 | ||||
-rw-r--r-- | app/views/backends/terraform_aws/new.html.erb | 38 | ||||
-rw-r--r-- | app/views/backends/terraform_aws/show.html.erb | 40 |
4 files changed, 84 insertions, 6 deletions
diff --git a/app/controllers/backends/terraform_aws_controller.rb b/app/controllers/backends/terraform_aws_controller.rb index 6e8ed55..bffac9d 100644 --- a/app/controllers/backends/terraform_aws_controller.rb +++ b/app/controllers/backends/terraform_aws_controller.rb @@ -67,7 +67,9 @@ class Backends::TerraformAwsController < ApplicationController :vpc_id, :route_53_zone_id, :aws_access_key_id, - :aws_secret_access_key + :aws_secret_access_key, + :ssh_public_key, + :ssh_private_key ) end diff --git a/app/models/backends/terraform_aws.rb b/app/models/backends/terraform_aws.rb index 1f16188..026f1e4 100644 --- a/app/models/backends/terraform_aws.rb +++ b/app/models/backends/terraform_aws.rb @@ -32,6 +32,8 @@ # domain :string # route_53_zone_id :string not null # vpc_id :string not null +# ssh_public_key :string +# ssh_private_key :string # require 'ruby_terraform' @@ -164,7 +166,7 @@ class Backends::TerraformAws < ApplicationRecord aws_access_key: aws_access_key_id, aws_secret_key: aws_secret_access_key, aws_region: aws_region, - ssh_public_key: ssh_public_key, + ssh_private_key: ssh_private_key, aws_route_53_zone_id: route_53_zone_id } end @@ -188,10 +190,6 @@ class Backends::TerraformAws < ApplicationRecord "backend/terraform_aws/#{id}" end - def ssh_public_key - File.open("#{ENV['HOME']}/.ssh/id_rsa.pub", &:readline) - end - def guix_public_key "(entry #{File.read("/etc/guix/signing-key.pub")} (tag (guix import)))" end diff --git a/app/views/backends/terraform_aws/new.html.erb b/app/views/backends/terraform_aws/new.html.erb index bcbf3b4..790e5eb 100644 --- a/app/views/backends/terraform_aws/new.html.erb +++ b/app/views/backends/terraform_aws/new.html.erb @@ -145,6 +145,44 @@ License along with the GOV.UK Mini Environment Admin. If not, see </div> <div class="form-group form-group-lg"> + <%= f.label( + :ssh_public_key, + 'SSH Key, public part', + class: 'col-sm-4 control-label' + ) %> + <div class="col-sm-8"> + <%= f.text_area( + :ssh_public_key, + class: 'form-control', + placeholder: 'The public part of the SSH key to use' + ) %> + <span class="help-block"> + <p> + </p> + </span> + </div> + </div> + + <div class="form-group form-group-lg"> + <%= f.label( + :ssh_private_key, + 'SSH Key, private part', + class: 'col-sm-4 control-label' + ) %> + <div class="col-sm-8"> + <%= f.text_area( + :ssh_private_key, + class: 'form-control', + placeholder: 'The private part of the SSH key to use' + ) %> + <span class="help-block"> + <p> + </p> + </span> + </div> + </div> + + <div class="form-group form-group-lg"> <div class="col-sm-offset-4 col-sm-8"> <%= f.submit "Create", class: 'btn btn-lg btn-success' %> </div> diff --git a/app/views/backends/terraform_aws/show.html.erb b/app/views/backends/terraform_aws/show.html.erb index 81ce150..3a1b329 100644 --- a/app/views/backends/terraform_aws/show.html.erb +++ b/app/views/backends/terraform_aws/show.html.erb @@ -156,6 +156,46 @@ License along with the GOV.UK Mini Environment Admin. If not, see </div> <div class="form-group form-group-lg"> + <%= f.label( + :ssh_public_key, + 'SSH Key, public part', + class: 'col-sm-4 control-label' + ) %> + <div class="col-sm-8"> + <%= f.text_area( + :ssh_public_key, + class: 'form-control', + placeholder: 'The public part of the SSH key to use', + readonly: true + ) %> + <span class="help-block"> + <p> + </p> + </span> + </div> + </div> + + <div class="form-group form-group-lg"> + <%= f.label( + :ssh_private_key, + 'SSH Key, private part', + class: 'col-sm-4 control-label' + ) %> + <div class="col-sm-8"> + <%= text_area_tag( + :ssh_private_key, + 'Secret key hidden', + class: 'form-control', + disabled: true + ) %> + <span class="help-block"> + <p> + </p> + </span> + </div> + </div> + + <div class="form-group form-group-lg"> <div class="col-sm-offset-2 col-sm-10"> <%= f.submit "Save", class: 'btn btn-lg btn-success' %> </div> |