Commit 3dcc821c authored by Lukas Werner's avatar Lukas Werner
Browse files

Namespaced authorized_keys

parent 29c1b3dc
......@@ -36,7 +36,11 @@ id -u "$AUTH_USER" >/dev/null 2>&1 || error "User $AUTH_USER does not exist"
## Use a key pair to authenticate the user (private key has to be set as a GitLab CI/CD variable)
AUTH_KEY=$CUSTOM_ENV_AUTH_KEY
AUTH_PUB=/etc/gitlab-runner/authorized_keys
AUTH_PUB="/etc/gitlab-runner/auth/${CI_SERVER_HOST}/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/authorized_keys"
if [[ ! -f "$AUTH_PUB" ]]; then
error "Authentication for user $AUTH_USER not configured for this project."
fi
(
while read -r PUB
......
......@@ -17,6 +17,11 @@ function error {
[ -z "${CUSTOM_ENV_AUTH_USER:+x}" ] && error "AUTH_USER CI/CD variable has not been set."
[ -z "${CUSTOM_ENV_AUTH_KEY:+x}" ] && error "AUTH_KEY secret CI/CD variable has not been set."
AUTH_PUB="/etc/gitlab-runner/auth/${CI_SERVER_HOST}/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/authorized_keys"
if [[ ! -f "$AUTH_PUB" ]]; then
error "Authentication for user $AUTH_USER not configured for this project."
fi
AUTH_USER=$CUSTOM_ENV_AUTH_USER
AUTH_USER_WORK=$(runuser "$AUTH_USER" --login --command "echo \$WORK")
......
......@@ -41,7 +41,11 @@ id -u "$AUTH_USER" >/dev/null 2>&1 || error "User $AUTH_USER does not exist"
## Use a key pair to authenticate the user (private key has to be set as a GitLab CI/CD variable)
AUTH_KEY=$CUSTOM_ENV_AUTH_KEY
AUTH_PUB=/etc/gitlab-runner/authorized_keys
AUTH_PUB="/etc/gitlab-runner/auth/${CI_SERVER_HOST}/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/authorized_keys"
if [[ ! -f "$AUTH_PUB" ]]; then
error "Authentication for user $AUTH_USER not configured for this project."
fi
(
while read -r PUB
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment