diff --git a/pkgs/clan-cli/clan_cli/webui/app.py b/pkgs/clan-cli/clan_cli/webui/app.py index b392c2118..ca1a4d4fd 100644 --- a/pkgs/clan-cli/clan_cli/webui/app.py +++ b/pkgs/clan-cli/clan_cli/webui/app.py @@ -51,5 +51,5 @@ app = setup_app() for i in app.exception_handlers.items(): log.info(f"Registered exception handler: {i}") -log.warn("log warn") +log.warning("log warn") log.debug("log debug") diff --git a/pkgs/clan-cli/tests/data/ssh_host_ed25519_key b/pkgs/clan-cli/tests/data/ssh_host_ed25519_key new file mode 100644 index 000000000..bb1ae8fb3 --- /dev/null +++ b/pkgs/clan-cli/tests/data/ssh_host_ed25519_key @@ -0,0 +1,7 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW +QyNTUxOQAAACDonlRWMYxHTtnOeeiurKA1j26EfVZWeozuqSrtCYScFwAAAJje9J1V3vSd +VQAAAAtzc2gtZWQyNTUxOQAAACDonlRWMYxHTtnOeeiurKA1j26EfVZWeozuqSrtCYScFw +AAAEBxDpEXwhlJB/f6ZJOT9BbSqXeLy9S6qeuc25hXu5kpbuieVFYxjEdO2c556K6soDWP +boR9VlZ6jO6pKu0JhJwXAAAAE2pvZXJnQHR1cmluZ21hY2hpbmUBAg== +-----END OPENSSH PRIVATE KEY----- diff --git a/pkgs/clan-cli/tests/data/ssh_host_ed25519_key.pub b/pkgs/clan-cli/tests/data/ssh_host_ed25519_key.pub new file mode 100644 index 000000000..9390acf33 --- /dev/null +++ b/pkgs/clan-cli/tests/data/ssh_host_ed25519_key.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOieVFYxjEdO2c556K6soDWPboR9VlZ6jO6pKu0JhJwX joerg@turingmachine diff --git a/pkgs/clan-cli/tests/data/sshd_config b/pkgs/clan-cli/tests/data/sshd_config new file mode 100644 index 000000000..c6e685a21 --- /dev/null +++ b/pkgs/clan-cli/tests/data/sshd_config @@ -0,0 +1,7 @@ +HostKey $host_key +LogLevel DEBUG3 +# In the nix build sandbox we don't get any meaningful PATH after login +MaxStartups 64:30:256 +AuthorizedKeysFile $host_key.pub +AcceptEnv REALPATH +PasswordAuthentication no diff --git a/pkgs/clan-cli/tests/sshd.py b/pkgs/clan-cli/tests/sshd.py index 5e0ddab45..cbc737286 100644 --- a/pkgs/clan-cli/tests/sshd.py +++ b/pkgs/clan-cli/tests/sshd.py @@ -1,5 +1,6 @@ import os import shutil +import string import subprocess import time from pathlib import Path @@ -32,39 +33,17 @@ class SshdConfig: @pytest.fixture(scope="session") -def sshd_config(project_root: Path, test_root: Path) -> Iterator[SshdConfig]: +def sshd_config(test_root: Path) -> Iterator[SshdConfig]: # FIXME, if any parent of the sshd directory is world-writable than sshd will refuse it. # we use .direnv instead since it's already in .gitignore - direnv = project_root / ".direnv" - direnv.mkdir(exist_ok=True) - with TemporaryDirectory(dir=direnv) as _dir: + with TemporaryDirectory() as _dir: dir = Path(_dir) - host_key = dir / "host_ssh_host_ed25519_key" - subprocess.run( - [ - "ssh-keygen", - "-t", - "ed25519", - "-f", - host_key, - "-N", - "", - ], - check=True, - ) - - sshd_config = dir / "sshd_config" - sshd_config.write_text( - f""" - HostKey {host_key} - LogLevel DEBUG3 - # In the nix build sandbox we don't get any meaningful PATH after login - MaxStartups 64:30:256 - AuthorizedKeysFile {host_key}.pub - AcceptEnv REALPATH - PasswordAuthentication no - """ - ) + host_key = test_root / "data" / "ssh_host_ed25519_key" + host_key.chmod(0o600) + template = (test_root / "data" / "sshd_config").read_text() + content = string.Template(template).substitute(dict(host_key=host_key)) + config = dir / "sshd_config" + config.write_text(content) login_shell = dir / "shell" bash = shutil.which("bash") @@ -104,7 +83,7 @@ exec {bash} -l "${{@}}" check=True, ) - yield SshdConfig(sshd_config, login_shell, str(host_key), lib_path) + yield SshdConfig(config, login_shell, str(host_key), lib_path) @pytest.fixture