aboutsummaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
authorChristopher Baines <mail@cbaines.net>2018-06-23 09:57:03 +0100
committerChristopher Baines <mail@cbaines.net>2018-06-23 12:58:05 +0100
commit837e1ecec9798381f78b838947f8028403cb0bef (patch)
tree984e25f96a490a3cbd1b20d6f50903aa6dacfd1d /app
parent0736fd5ab32eeb57de52fb6d581d16c2824b2fc2 (diff)
downloadgovuk-mini-environment-admin-837e1ecec9798381f78b838947f8028403cb0bef.tar
govuk-mini-environment-admin-837e1ecec9798381f78b838947f8028403cb0bef.tar.gz
Handle SSH keys via the database
This makes it more explicit, and works around Terraform being unpredictable when dealing with SSH agents.
Diffstat (limited to 'app')
-rw-r--r--app/controllers/backends/terraform_aws_controller.rb4
-rw-r--r--app/models/backends/terraform_aws.rb8
-rw-r--r--app/views/backends/terraform_aws/new.html.erb38
-rw-r--r--app/views/backends/terraform_aws/show.html.erb40
4 files changed, 84 insertions, 6 deletions
diff --git a/app/controllers/backends/terraform_aws_controller.rb b/app/controllers/backends/terraform_aws_controller.rb
index 6e8ed55..bffac9d 100644
--- a/app/controllers/backends/terraform_aws_controller.rb
+++ b/app/controllers/backends/terraform_aws_controller.rb
@@ -67,7 +67,9 @@ class Backends::TerraformAwsController < ApplicationController
:vpc_id,
:route_53_zone_id,
:aws_access_key_id,
- :aws_secret_access_key
+ :aws_secret_access_key,
+ :ssh_public_key,
+ :ssh_private_key
)
end
diff --git a/app/models/backends/terraform_aws.rb b/app/models/backends/terraform_aws.rb
index 1f16188..026f1e4 100644
--- a/app/models/backends/terraform_aws.rb
+++ b/app/models/backends/terraform_aws.rb
@@ -32,6 +32,8 @@
# domain :string
# route_53_zone_id :string not null
# vpc_id :string not null
+# ssh_public_key :string
+# ssh_private_key :string
#
require 'ruby_terraform'
@@ -164,7 +166,7 @@ class Backends::TerraformAws < ApplicationRecord
aws_access_key: aws_access_key_id,
aws_secret_key: aws_secret_access_key,
aws_region: aws_region,
- ssh_public_key: ssh_public_key,
+ ssh_private_key: ssh_private_key,
aws_route_53_zone_id: route_53_zone_id
}
end
@@ -188,10 +190,6 @@ class Backends::TerraformAws < ApplicationRecord
"backend/terraform_aws/#{id}"
end
- def ssh_public_key
- File.open("#{ENV['HOME']}/.ssh/id_rsa.pub", &:readline)
- end
-
def guix_public_key
"(entry #{File.read("/etc/guix/signing-key.pub")} (tag (guix import)))"
end
diff --git a/app/views/backends/terraform_aws/new.html.erb b/app/views/backends/terraform_aws/new.html.erb
index bcbf3b4..790e5eb 100644
--- a/app/views/backends/terraform_aws/new.html.erb
+++ b/app/views/backends/terraform_aws/new.html.erb
@@ -145,6 +145,44 @@ License along with the GOV.UK Mini Environment Admin. If not, see
</div>
<div class="form-group form-group-lg">
+ <%= f.label(
+ :ssh_public_key,
+ 'SSH Key, public part',
+ class: 'col-sm-4 control-label'
+ ) %>
+ <div class="col-sm-8">
+ <%= f.text_area(
+ :ssh_public_key,
+ class: 'form-control',
+ placeholder: 'The public part of the SSH key to use'
+ ) %>
+ <span class="help-block">
+ <p>
+ </p>
+ </span>
+ </div>
+ </div>
+
+ <div class="form-group form-group-lg">
+ <%= f.label(
+ :ssh_private_key,
+ 'SSH Key, private part',
+ class: 'col-sm-4 control-label'
+ ) %>
+ <div class="col-sm-8">
+ <%= f.text_area(
+ :ssh_private_key,
+ class: 'form-control',
+ placeholder: 'The private part of the SSH key to use'
+ ) %>
+ <span class="help-block">
+ <p>
+ </p>
+ </span>
+ </div>
+ </div>
+
+ <div class="form-group form-group-lg">
<div class="col-sm-offset-4 col-sm-8">
<%= f.submit "Create", class: 'btn btn-lg btn-success' %>
</div>
diff --git a/app/views/backends/terraform_aws/show.html.erb b/app/views/backends/terraform_aws/show.html.erb
index 81ce150..3a1b329 100644
--- a/app/views/backends/terraform_aws/show.html.erb
+++ b/app/views/backends/terraform_aws/show.html.erb
@@ -156,6 +156,46 @@ License along with the GOV.UK Mini Environment Admin. If not, see
</div>
<div class="form-group form-group-lg">
+ <%= f.label(
+ :ssh_public_key,
+ 'SSH Key, public part',
+ class: 'col-sm-4 control-label'
+ ) %>
+ <div class="col-sm-8">
+ <%= f.text_area(
+ :ssh_public_key,
+ class: 'form-control',
+ placeholder: 'The public part of the SSH key to use',
+ readonly: true
+ ) %>
+ <span class="help-block">
+ <p>
+ </p>
+ </span>
+ </div>
+ </div>
+
+ <div class="form-group form-group-lg">
+ <%= f.label(
+ :ssh_private_key,
+ 'SSH Key, private part',
+ class: 'col-sm-4 control-label'
+ ) %>
+ <div class="col-sm-8">
+ <%= text_area_tag(
+ :ssh_private_key,
+ 'Secret key hidden',
+ class: 'form-control',
+ disabled: true
+ ) %>
+ <span class="help-block">
+ <p>
+ </p>
+ </span>
+ </div>
+ </div>
+
+ <div class="form-group form-group-lg">
<div class="col-sm-offset-2 col-sm-10">
<%= f.submit "Save", class: 'btn btn-lg btn-success' %>
</div>