WIP SSH Server

Kolman-Freecss · Oct 6, 2024 · 182d946 · 182d946
1 parent 5e231aa
commit 182d946
Show file tree

Hide file tree

Showing 4 changed files with 17 additions and 6 deletions.
diff --git a/TODO.md b/TODO.md
@@ -2,4 +2,5 @@
 
 - [ ] CLI interface to add configuration, tasks, etc. 
 - [ ] Healthcheck not working properly in dockercompose
-- [ ] Fix Github Actions Tests
+- [ ] Fix Github Actions Tests
+- [ ] Start SSH Server automatically on agent host (port 22)
diff --git a/src/local/main/config.py b/src/local/main/config.py
@@ -9,6 +9,7 @@ class ConfigKeys(str, Enum):
     JENKINS_PASS = 'JENKINS_PASS'
     PAT_JENKINS = 'PAT_JENKINS'
     JENKINS_CREDENTIALS_ID = 'JENKINS_CREDENTIALS_ID'
+    AGENT_CREDENTIALS_SSH = 'AGENT_CREDENTIALS_SSH'
 
 
 # Global variables
@@ -21,7 +22,7 @@ class ConfigKeys(str, Enum):
     env_files_path = os.path.join(project_root, '.env', f'env.{ENV}')
     ENV = 'local'
 
-# TODO - This is a hack to get around the fact that the sensitive data is not injected through the gitlab pipeline
+# Sensitive data not injected through pipelines
 config = dotenv_values(env_files_path)
 
 if ENV == 'prod':
@@ -31,13 +32,15 @@ class ConfigKeys(str, Enum):
     jenkins_password = os.getenv(ConfigKeys.JENKINS_PASS.value)  # Get it from Jenkins > User > Configure
     jenkins_pat_token = os.getenv(ConfigKeys.PAT_JENKINS.value)
     jenkins_credentials_id = os.getenv(ConfigKeys.JENKINS_CREDENTIALS_ID.value)
+    agent_credentials_ssh = os.getenv(ConfigKeys.AGENT_CREDENTIALS_SSH.value)
 
     # Storing values in the config dictionary
     config[ConfigKeys.JENKINS_URL.value] = jenkins_url
     config[ConfigKeys.JENKINS_USER.value] = jenkins_username
     config[ConfigKeys.JENKINS_PASS.value] = jenkins_password
     config[ConfigKeys.PAT_JENKINS.value] = jenkins_pat_token
     config[ConfigKeys.JENKINS_CREDENTIALS_ID.value] = jenkins_credentials_id
+    config[ConfigKeys.AGENT_CREDENTIALS_SSH.value] = agent_credentials_ssh
 
 def get(key: str) -> str:
     return config.get(key)
diff --git a/src/local/main/init_jenkins.py b/src/local/main/init_jenkins.py
@@ -9,7 +9,9 @@
 print(f"JENKINS INFO -> Jenkins URL: {config_module.get(config_module.ConfigKeys.JENKINS_URL)}, Username: {config_module.get(config_module.ConfigKeys.JENKINS_USER)}, API Token: {config_module.get(config_module.ConfigKeys.JENKINS_PASS)}")
 
 # ----------- Generate SSH key pair -----------
+print('Getting SSH key...')
 private_key = services.get_ssh() # Get the private key from the SSH key pair to connect Jenkins node via SSH to the agent (machine defined)
+print('Building credentials SSH on Jenkins...')
 services.build_credentials(CredentialsType.SSH)
 
 # Jenkins version
@@ -77,14 +79,14 @@
 
     ssh_port = 22
     ssh_user = config_module.get(config_module.ConfigKeys.JENKINS_USER)
-    ssh_credentials = private_key # private_key
+    ssh_credentials = config_module.get(config_module.ConfigKeys.AGENT_CREDENTIALS_SSH)
     ssh_agent_host = 'host.docker.internal'  # Is the host where Jenkins Docker is running
     print(f"SSH data -> Port: {ssh_port}, User: {ssh_user}, Credentials: {ssh_credentials}, Host: {ssh_agent_host}")
 
     params = {
         'port': ssh_port,
         'username': ssh_user,
-        'privateKey': ssh_credentials,
+        'credentialsId': ssh_credentials,
         'host': ssh_agent_host
     }
     print("Creating node with parameters")
@@ -98,6 +100,8 @@
         launcher_params=params)
 
     print(f"Node '{node_name}' created successfully with Docker installation.")
+
+    # TODO: Init SSH Client on agent host
     start_jenkins_agent = './start_jenkins_agent.helpers'
     print(f'Now it will start the Jenkins agent with the following command: {start_jenkins_agent}')
     # subprocess.run(['bash', start_jenkins_agent], check=True)

diff --git a/src/local/main/services.py b/src/local/main/services.py
@@ -24,7 +24,7 @@ def get_jenkins_crumb() -> tuple[str, str]:
     """
     crumb_response = requests.get(
         f'{config_module.config.get(config_module.ConfigKeys.JENKINS_URL)}/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)',
-        auth=(config_module.config.get(config_module.ConfigKeys.JENKINS_USER), config_module.config.get(config_module.ConfigKeys.PAT_JENKINS))
+        auth=(config_module.config.get(config_module.ConfigKeys.JENKINS_USER), config_module.config.get(config_module.ConfigKeys.JENKINS_PASS))
     )
 
     if crumb_response.status_code != 200:
@@ -84,18 +84,21 @@ def build_credentials(credential_type: CredentialsType) -> any:
     else:
         raise ValueError("Unsupported credential type")
 
+    print(f'build_credentials:: Fetching Jenkins crumb... to build Credentials: {credential_type}')
     crumb_field, crumb_value = get_jenkins_crumb()
 
     response = requests.post(
         f'{config_module.config.get(config_module.ConfigKeys.JENKINS_URL)}/credentials/store/system/domain/_/createCredentials',
-        auth=(config_module.config.get(config_module.ConfigKeys.JENKINS_USER), config_module.config.get(config_module.ConfigKeys.PAT_JENKINS)),
+        auth=(config_module.config.get(config_module.ConfigKeys.JENKINS_USER), config_module.config.get(config_module.ConfigKeys.JENKINS_PASS)),
         data=credentials,
         headers={
             'Content-Type': 'application/xml',
             crumb_field: crumb_value  # Add crumb to headers
         }
     )
 
+    # jenkins_service.create_credential(folder_name='system', config_xml=credentials, domain_name='')
+
     if response.status_code == 200:
         print('Credentials created successfully')
     else: