ssh/wip

.forgejo/workflows/almalinux:8.yaml

@@ -10,4 +10,6 @@ jobs:
       run: eval ${{vars.cd}}
 
     - run: cd-list-environment
+    - run: cd-clone-branch
+    - run: cd-build-project
     - run: cd-browse-workspace

.forgejo/workflows/almalinux:9.yaml

@@ -10,4 +10,6 @@ jobs:
       run: eval ${{vars.cd}}
 
     - run: cd-list-environment
+    - run: cd-clone-branch
+    - run: cd-build-project
     - run: cd-browse-workspace

.forgejo/workflows/alpine:3.18.yaml

@@ -10,4 +10,6 @@ jobs:
       run: eval ${{vars.cd}}
 
     - run: cd-list-environment
+    - run: cd-clone-branch
+    - run: cd-build-project
     - run: cd-browse-workspace

.forgejo/workflows/alpine:3.19.yaml

@@ -10,4 +10,6 @@ jobs:
       run: eval ${{vars.cd}}
 
     - run: cd-list-environment
+    - run: cd-clone-branch
+    - run: cd-build-project
     - run: cd-browse-workspace

.forgejo/workflows/archlinux:base-20231112.0.191179.yaml

@@ -10,4 +10,6 @@ jobs:
       run: eval ${{vars.cd}}
 
     - run: cd-list-environment
+    - run: cd-clone-branch
+    - run: cd-build-project
     - run: cd-browse-workspace

.forgejo/workflows/archlinux:base-20240101.0.204074.yaml

@@ -10,4 +10,6 @@ jobs:
       run: eval ${{vars.cd}}
 
     - run: cd-list-environment
+    - run: cd-clone-branch
+    - run: cd-build-project
     - run: cd-browse-workspace

.forgejo/workflows/debian:bookworm.yaml

@@ -4,7 +4,6 @@ jobs:
     container:
       image: debian:bookworm
     steps:
-    - run: pwd && ls -a -l
     - name: cd
       env:
         CD: ${{secrets.cd}}
@@ -12,6 +11,6 @@ jobs:
 
     - run: cd-list-environment
     - run: cd-clone-branch
-    - run: cd-browse-workspace
     - run: cd-build-project
+    - run: cd-browse-workspace
     - run: cd-synchronize out

.forgejo/workflows/debian:bullseye.yaml

@@ -10,4 +10,6 @@ jobs:
       run: eval ${{vars.cd}}
 
     - run: cd-list-environment
+    - run: cd-clone-branch
+    - run: cd-build-project
     - run: cd-browse-workspace

.forgejo/workflows/fedora:39.yaml

@@ -10,4 +10,6 @@ jobs:
       run: eval ${{vars.cd}}
 
     - run: cd-list-environment
+    - run: cd-clone-branch
+    - run: cd-build-project
     - run: cd-browse-workspace

.forgejo/workflows/fedora:40.yaml

@@ -10,4 +10,6 @@ jobs:
       run: eval ${{vars.cd}}
 
     - run: cd-list-environment
+    - run: cd-clone-branch
+    - run: cd-build-project
     - run: cd-browse-workspace

.forgejo/workflows/rockylinux:8.yaml

@@ -10,4 +10,6 @@ jobs:
       run: eval ${{vars.cd}}
 
     - run: cd-list-environment
+    - run: cd-clone-branch
+    - run: cd-build-project
     - run: cd-browse-workspace

.forgejo/workflows/rockylinux:9.yaml

@@ -10,4 +10,6 @@ jobs:
       run: eval ${{vars.cd}}
 
     - run: cd-list-environment
+    - run: cd-clone-branch
+    - run: cd-build-project
     - run: cd-browse-workspace

.forgejo/workflows/ubuntu:jammy.yaml

@@ -10,4 +10,6 @@ jobs:
       run: eval ${{vars.cd}}
 
     - run: cd-list-environment
+    - run: cd-clone-branch
+    - run: cd-build-project
     - run: cd-browse-workspace

.forgejo/workflows/ubuntu:noble.yaml

@@ -10,4 +10,6 @@ jobs:
       run: eval ${{vars.cd}}
 
     - run: cd-list-environment
+    - run: cd-clone-branch
+    - run: cd-build-project
     - run: cd-browse-workspace

.gitlab-ci.yml

@@ -1,11 +1,9 @@
 image: debian:bookworm
 job:
   script:
-  - pwd && ls -a -l
   - source ${CD}
 
   - cd-list-environment
   - cd-clone-branch
-  - cd-browse-workspace
   - cd-build-project
-  - cd-synchronize out
+  - cd-browse-workspace

bootstrap.sh

@@ -1,42 +0,0 @@
-#! /usr/bin/env bash
-FILE="$(realpath "${BASH_SOURCE[0]}")"
-ROOT="$(dirname "${FILE}")"
-
-COMMANDS='cmd'
-KEY_ALGORITHM='ed25519'
-KEY_DIRECTORY='.ssh'
-KEY_PATH="${KEY_DIRECTORY}/id_${KEY_ALGORITHM}"
-KEY_PUBLIC='AAAAC3NzaC1lZDI1NTE5AAAAIPHCNcgHlQoiNTXfnUZYvHz9OZwYsmBCrSSV7a7Zche5'
-PACKAGES=(
-'openssh-client'
-'rsync'
-'tree'
-)
-SERVER="$(basename ${GITHUB_SERVER_URL})"
-TARGET='/usr/local/sbin'
-
-# commands
-cd "${ROOT}/${COMMANDS}" \
-|| exit
-for file in *.sh ; do
-    cp "${file}" "${TARGET}/${file%.sh}" \
-    || exit
-done
-
-# ssh
-cd \
-|| exit
-mkdir "${KEY_DIRECTORY}" \
-|| exit
-echo "${CD}" > "${KEY_PATH}" \
-|| exit
-unset CD
-chmod '400' "${KEY_PATH}" \
-|| exit
-echo "${SERVER} ssh-${KEY_ALGORITHM} ${KEY_PUBLIC}" \
-> "${KEY_DIRECTORY}/known_hosts" \
-|| exit
-
-# packages
-apt-get install --yes "${PACKAGES[@]}" \
-|| exit

cd.sh

@@ -29,6 +29,10 @@ cd_main () {
     cd_upgrade_packages
     cd_install_git
     cd_install_python
+    # TODO move to Python
+    cd_install_rsync
+    # TODO move to Python
+    cd_install_ssh
     cd_clean_packages_cache
     cd_install_python_modules ${CD_PYTHON_MODULES}
     cd_execute_python_module ${CD_PYTHON_MODULES}
@@ -108,6 +112,8 @@ cd_set_environment_variables () {
     CD_DNS_FILE="/etc/resolv.conf"
     CD_PKG_CA="ca-certificates"
     CD_PKG_GIT="git"
+    # TODO move to Python
+    CD_PKG_RSYNC="rsync"
     CD_PYTHON_ALIAS="python3"
     cd_split
     cd_echo "CD_DNS_FILE" "CD_PKG_CA" "CD_PKG_GIT" "CD_PYTHON_ALIAS"
@@ -349,6 +355,13 @@ Dir::Etc::SourceParts \"\";
         "CD_PROJECTS_GROUP" "CD_PROJECT_NAME" "CD_PROJECT_BRANCH"
     cd_split
     cd_echo "CD_PROJECTS_URL" "CD_PROJECT_URL"
+    # TODO move to Python
+    case "${CD_PM}" in
+        "${CD_PM_APK}"|"${CD_PM_APT}") CD_PKG_SSH="openssh-client" ;;
+        "${CD_PM_DNF}") CD_PKG_SSH="openssh-clients" ;;
+        "${CD_PM_PACMAN}") CD_PKG_SSH="openssh" ;;
+        ;;
+    esac
 }
 
 cd_set_packages_repositories () {
@@ -502,6 +515,18 @@ cd_install_python () {
     cd_ln_python "${CD_PYTHON_COMMAND}"
 }
 
+# TODO move to Python
+cd_install_rsync () {
+    cd_step "Install Rsync"
+    cd_install_package "${CD_PKG_RSYNC}"
+}
+
+# TODO move to Python
+cd_install_ssh () {
+    cd_step "Install SSH"
+    cd_install_package "${CD_PKG_SSH}"
+}
+
 cd_clean_packages_cache () {
     cd_step "Clean packages cache"
     ${CD_PM_CLEAN} || exit

cd/__init__.py

@@ -2,6 +2,7 @@ import os
 
 from cd.project import Project
 from cd.projects import Projects
+from rwx import fs
 from rwx import ps
 
 COMMANDS_PREFIX = 'cd-'
@@ -50,7 +51,7 @@ def cd_clone_branch():
 
 
 def cd_list_environment():
-    for variable, value in sorted(os.environ.items()):
+    for variable, value in sorted(projects.environment.items()):
         print(variable, '=', value)
 
 
@@ -64,3 +65,25 @@ def install_commands(path):
     ]:
         print(command)
         os.symlink(path, os.path.join(user, f'{COMMANDS_PREFIX}{command}'))
+
+
+def set_ssh():
+    ssh_hosts = projects.environment.get('CD_SSH_HOSTS', None)
+    ssh_key = projects.environment.get('CD', None)
+    ssh_type = projects.environment.get('CD_SSH_TYPE', 'ed25519')
+    #
+    home = os.path.expanduser('~')
+    #
+    ssh = os.path.join(home, '.ssh')
+    os.makedirs(ssh, exist_ok=True)
+    os.chmod(ssh, 0o700)
+    #
+    key = os.path.join(ssh, f'id_{ssh_type}')
+    if ssh_key:
+        fs.write(key, ssh_key)
+        os.chmod(key, 0o400)
+    #
+    known = os.path.join(ssh, 'known_hosts')
+    if ssh_hosts:
+        fs.write(known, ssh_hosts)
+        os.chmod(known, 0o400)

cd/__main__.py

@@ -10,6 +10,7 @@ if __name__ == '__main__':
     command, *arguments = sys.argv
     command = os.path.basename(command)
     if command == '__main__.py':
+        cd.set_ssh()
         cd.install_commands(__file__)
     else:
         command = command.replace('-', '_')

readme.md

@@ -41,6 +41,8 @@ from various CA, CI, OCI / OS.
 |:--------------|:------------------------|
 | CD_CA_n       | Numbered CA certificate |
 | CD_DNS        | Space separated servers |
+| CD_SSH_HOSTS  | domain.tld ssh-type pub |
+| CD_SSH_TYPE   | SSH private key type    |
 | CD_URL_ALMA   | Alma repository URL     |
 | CD_URL_ALPINE | Alpine repository URL   |
 | CD_URL_ARCH   | Arch repository URL     |