Fixes related to the PR

- back out changes to changing the git url - fix gid - ignore global ssh config option when specifying known hosts Signed-off-by: Alex Couture-Beil <alex@earthly.dev>
2020-11-12 17:29:49 -08:00 · 2020-11-12 17:29:49 -08:00 · 92e89a3374
parent 486c5fd5c6
commit 92e89a3374
4 changed files with 27 additions and 29 deletions
--- a/client/llb/source.go
+++ b/client/llb/source.go
@ -201,7 +201,7 @@ func Git(remote, ref string, opts ...GitOption) State {
 	url := ""
 	for _, prefix := range []string{
-		"http://", "https://", "git://",
+		"http://", "https://", "git://", "git@",
 	} {
 		if strings.HasPrefix(remote, prefix) {
 			url = strings.Split(remote, "#")[0]
@ -247,8 +247,8 @@ func Git(remote, ref string, opts ...GitOption) State {
 		attrs[pb.AttrKnownSSHHosts] = gi.KnownSSHHosts
 		addCap(&gi.Constraints, pb.CapSourceGitKnownSSHHosts)
 	}
-	if gi.MountSSHSock {
+	if gi.MountSSHSock != "" {
-		attrs[pb.AttrMountSSHSock] = "true"
+		attrs[pb.AttrMountSSHSock] = gi.MountSSHSock
 		addCap(&gi.Constraints, pb.CapSourceGitMountSSHSock)
 	}
@ -274,7 +274,7 @@ type GitInfo struct {
 	AuthHeaderSecret string
 	addAuthCap       bool
 	KnownSSHHosts    string
-	MountSSHSock     bool
+	MountSSHSock     string
 }
 func KeepGitDir() GitOption {
@ -304,9 +304,9 @@ func KnownSSHHosts(key string) GitOption {
 	})
 }
-func MountSSHSock() GitOption {
+func MountSSHSock(sshID string) GitOption {
 	return gitOptionFunc(func(gi *GitInfo) {
-		gi.MountSSHSock = true
+		gi.MountSSHSock = sshID
 	})
 }
--- a/source/git/gitsource.go
+++ b/source/git/gitsource.go
@ -238,8 +238,7 @@ func (gs *gitSourceHandler) getAuthToken(ctx context.Context, g session.Group) e
 	})
 }
-func (gs *gitSourceHandler) mountSSHAuthSock(ctx context.Context, g session.Group) (string, func() error, error) {
+func (gs *gitSourceHandler) mountSSHAuthSock(ctx context.Context, sshID string, g session.Group) (string, func() error, error) {
 	sshID := "default"
 	var caller session.Caller
 	err := gs.sm.Any(ctx, g, func(ctx context.Context, _ string, c session.Caller) error {
 		if err := sshforward.CheckSSHID(ctx, c, sshID); err != nil {
@ -261,9 +260,9 @@ func (gs *gitSourceHandler) mountSSHAuthSock(ctx context.Context, g session.Grou
 		return "", nil, err
 	}
-	// best effor, default to root
+	// best effort, default to root
 	uid, _ := strconv.Atoi(usr.Uid)
-	gid, _ := strconv.Atoi(usr.Uid)
+	gid, _ := strconv.Atoi(usr.Gid)
 	sock, cleanup, err := sshforward.MountSSHSocket(ctx, caller, sshforward.SocketOpt{
 		ID:   sshID,
@ -326,9 +325,9 @@ func (gs *gitSourceHandler) CacheKey(ctx context.Context, g session.Group, index
 	defer unmountGitDir()
 	var sock string
-	if gs.src.MountSSHSock {
+	if gs.src.MountSSHSock != "" {
 		var unmountSock func() error
-		sock, unmountSock, err = gs.mountSSHAuthSock(ctx, g)
+		sock, unmountSock, err = gs.mountSSHAuthSock(ctx, gs.src.MountSSHSock, g)
 		if err != nil {
 			return "", nil, false, err
 		}
@ -404,9 +403,9 @@ func (gs *gitSourceHandler) Snapshot(ctx context.Context, g session.Group) (out
 	defer unmountGitDir()
 	var sock string
-	if gs.src.MountSSHSock {
+	if gs.src.MountSSHSock != "" {
 		var unmountSock func() error
-		sock, unmountSock, err = gs.mountSSHAuthSock(ctx, g)
+		sock, unmountSock, err = gs.mountSSHAuthSock(ctx, gs.src.MountSSHSock, g)
 		if err != nil {
 			return nil, err
 		}
@ -598,7 +597,7 @@ func git(ctx context.Context, dir, sshAuthSock, knownHosts string, args ...strin
 			cmd.Env = append(cmd.Env, "SSH_AUTH_SOCK="+sshAuthSock)
 		}
 		if knownHosts != "" {
-			cmd.Env = append(cmd.Env, "GIT_SSH_COMMAND=ssh -o UserKnownHostsFile="+knownHosts)
+			cmd.Env = append(cmd.Env, "GIT_SSH_COMMAND=ssh -F /dev/null -o UserKnownHostsFile="+knownHosts)
 		}
 		// remote git commands spawn helper processes that inherit FDs and don't
--- a/source/gitidentifier.go
+++ b/source/gitidentifier.go
@ -2,16 +2,11 @@ package source
 import (
 	"net/url"
 	"regexp"
 	"strings"
 	"github.com/pkg/errors"
 )
 // sshGitRegexp is used to detect if the git repo uses ssh
 // e.g. git@... or otheruser@nonstandardgithost.com:my/really/strange/repo.git
 var sshGitRegexp, _ = regexp.Compile("[a-z0-9_]+@[^/]+:.+")
 type GitIdentifier struct {
 	Remote           string
 	Ref              string
@ -19,15 +14,19 @@ type GitIdentifier struct {
 	KeepGitDir       bool
 	AuthTokenSecret  string
 	AuthHeaderSecret string
-	MountSSHSock     bool
+	MountSSHSock     string
 	KnownSSHHosts    string
 }
 func NewGitIdentifier(remoteURL string) (*GitIdentifier, error) {
 	repo := GitIdentifier{}
 	if !isGitTransport(remoteURL) {
 		remoteURL = "https://" + remoteURL
 	}
 	var fragment string
-	if sshGitRegexp.MatchString(remoteURL) {
+	if strings.HasPrefix(remoteURL, "git@") {
 		// git@.. is not an URL, so cannot be parsed as URL
 		parts := strings.SplitN(remoteURL, "#", 2)
@ -37,10 +36,6 @@ func NewGitIdentifier(remoteURL string) (*GitIdentifier, error) {
 		}
 		repo.Ref, repo.Subdir = getRefAndSubdir(fragment)
 	} else {
 		if !strings.HasPrefix(remoteURL, "http://") && !strings.HasPrefix(remoteURL, "https://") {
 			remoteURL = "https://" + remoteURL
 		}
 		u, err := url.Parse(remoteURL)
 		if err != nil {
 			return nil, err
@ -60,6 +55,12 @@ func (i *GitIdentifier) ID() string {
 	return "git"
 }
 // isGitTransport returns true if the provided str is a git transport by inspecting
 // the prefix of the string for known protocols used in git.
 func isGitTransport(str string) bool {
 	return strings.HasPrefix(str, "http://") || strings.HasPrefix(str, "https://") || strings.HasPrefix(str, "git://") || strings.HasPrefix(str, "git@")
 }
 func getRefAndSubdir(fragment string) (ref string, subdir string) {
 	refAndDir := strings.SplitN(fragment, ":", 2)
 	ref = "master"
--- a/source/identifier.go
+++ b/source/identifier.go
@ -110,9 +110,7 @@ func FromLLB(op *pb.Op_Source, platform *pb.Platform) (Identifier, error) {
 			case pb.AttrKnownSSHHosts:
 				id.KnownSSHHosts = v
 			case pb.AttrMountSSHSock:
-				if v == "true" {
+				id.MountSSHSock = v
 					id.MountSSHSock = true
 				}
 			}
 		}
 	}