Compare commits
93 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 5eea527242 | |||
| bf0dceb985 | |||
| 3b893b1a2f | |||
| 209d955a29 | |||
| 03921aeb45 | |||
| 2d8e1b42b7 | |||
| 494f48e094 | |||
| b8369809a2 | |||
| 945c092b61 | |||
| d85ab069ac | |||
| dbb1c986eb | |||
| 5c0e9bb56f | |||
| 81409c8af7 | |||
| 55ff2b1929 | |||
| c068d1d96d | |||
| 48103111ca | |||
| 9697087b6a | |||
| cdf00a544b | |||
| 0edef59781 | |||
| c869dfc0eb | |||
| 0081639468 | |||
| f092161276 | |||
| 4548388967 | |||
| 7441ce3140 | |||
| 9d82ce5731 | |||
| df5de2dac3 | |||
| 5d46ac12aa | |||
| 33cf86942b | |||
| 8321968328 | |||
| 771e28df43 | |||
| 6b4b4b3466 | |||
| 6aa52a16ba | |||
| c017ce159c | |||
| 8b89b71975 | |||
| 4f286c806d | |||
| f3f201be80 | |||
| bfcea2ff85 | |||
| fa088c83c7 | |||
| 580538e142 | |||
| 23a02a28db | |||
| 01480124dc | |||
| df6b6e006f | |||
| 0cadeac9e6 | |||
| efa57aab20 | |||
| 457f6d7ddd | |||
| 530a353cc8 | |||
| 1c07082967 | |||
| 41cd492201 | |||
| e5f313bcd5 | |||
| 123227091e | |||
| 3804b08484 | |||
| 71980977ac | |||
| 47609ee00f | |||
| 6fe023822a | |||
| 7cde6b07ff | |||
| 2069fd8d17 | |||
| 7d939c48d9 | |||
| 1cd9a09d6e | |||
| e98b104683 | |||
| 31d087b43d | |||
| 1a26227897 | |||
| a879ba59ff | |||
| f98cfb2f61 | |||
| b3d1d1919d | |||
| 8fd2d9c801 | |||
| ac5fe60856 | |||
| 57dfd25ae7 | |||
| c2e23a4179 | |||
| 8191d25d93 | |||
| cb5ab556b1 | |||
| eb1a09d86e | |||
| 58338504c2 | |||
| e2830c27a7 | |||
| 8c812ae791 | |||
| d1d1a5f5a9 | |||
| 9f1c1a78d7 | |||
| 739e3b30b9 | |||
| 3878290860 | |||
| 58e228bf69 | |||
| ca0ea24dc5 | |||
| 76e4a1c1db | |||
| 4adc944019 | |||
| 3e52308755 | |||
| cc6b2dc75d | |||
| 1a83b7f1bf | |||
| 5ca6644607 | |||
| 1e26944d4e | |||
| 389b7c5208 | |||
| 9a6c8368e3 | |||
| 7823b2eb89 | |||
| 1dca7e0222 | |||
| e3e0638c18 | |||
| eff5867ddf |
86
.drone.yml
Normal file
86
.drone.yml
Normal file
|
|
@ -0,0 +1,86 @@
|
|||
kind: pipeline
|
||||
type: docker
|
||||
name: default
|
||||
|
||||
steps:
|
||||
|
||||
- name: 2. test
|
||||
image: golang
|
||||
volumes:
|
||||
- name: deps
|
||||
path: /go
|
||||
commands:
|
||||
- go test ./...
|
||||
|
||||
- name: 3. build
|
||||
image: golang
|
||||
volumes:
|
||||
- name: deps
|
||||
path: /go
|
||||
commands:
|
||||
- go build -v -race -a ./...
|
||||
|
||||
- name: 4. deploy
|
||||
image: alpine
|
||||
volumes:
|
||||
- name: ssh_key
|
||||
path: /root/.ssh
|
||||
commands:
|
||||
- chmod 0400 /root/.ssh/id_rsa.kubehost
|
||||
- ls -lah /root/.ssh/id_rsa.kubehost
|
||||
- apk add --no-cache openssh
|
||||
- ssh -p21022 -o StrictHostKeyChecking=accept-new -i /root/.ssh/id_rsa.kubehost mtc@bosub-kub-int.metacoaching.pro "hostname"
|
||||
|
||||
- name: 5. notify fail
|
||||
image: bash:4.4
|
||||
environment:
|
||||
ZULIP_HOST: https://zulip.meta-tech.academy
|
||||
ZULIP_STREAM: gitea
|
||||
ZULIP_TOPIC: build
|
||||
ZULIP_STATUS: ":check:"
|
||||
ZULIP_USER:
|
||||
from_secret: ZULIP_BOT
|
||||
ZULIP_TKN:
|
||||
from_secret: ZULIP_TOKEN
|
||||
commands:
|
||||
- apk add --no-cache curl
|
||||
- export ZULIP_STATUS=":prohibited:"
|
||||
- export ZULIP_MESSAGE=$${DRONE_COMMIT_MESSAGE:-2}
|
||||
- export SHORT_COMMIT=$${DRONE_COMMIT:0:7}
|
||||
- export REMOTE_URL=$${DRONE_REMOTE_URL:0:-4}
|
||||
- export REMOTE_URL=$${DRONE_REMOTE_URL:0:-4}
|
||||
- export ZULIP_FAILED_STEPS=$${DRONE_FAILED_STEPS}
|
||||
- export FLAG_FAIL=":triangular_flag:"
|
||||
- curl -s -X POST "$ZULIP_HOST/api/v1/messages" -u "$ZULIP_USER:$ZULIP_TKN" --data-urlencode "type=stream" --data-urlencode "to=\"$ZULIP_STREAM\"" --data-urlencode "topic=$ZULIP_TOPIC" --data "content=$ZULIP_STATUS **[build %23${DRONE_BUILD_NUMBER}](${DRONE_BUILD_LINK})**%0A> **${DRONE_BUILD_EVENT}** event on **${DRONE_COMMIT_BRANCH}** branch *by* **${DRONE_COMMIT_AUTHOR}** ([$SHORT_COMMIT]($REMOTE_URL/commit/${DRONE_COMMIT}))%0A> $ZULIP_MESSAGE%0A> $FLAG_FAIL ***failed at step*** $ZULIP_FAILED_STEPS"
|
||||
when:
|
||||
status:
|
||||
- failure
|
||||
|
||||
- name: 5. notify done
|
||||
image: bash:4.4
|
||||
environment:
|
||||
ZULIP_HOST: https://zulip.meta-tech.academy
|
||||
ZULIP_STREAM: gitea
|
||||
ZULIP_TOPIC: build
|
||||
ZULIP_STATUS: ":check:"
|
||||
ZULIP_USER:
|
||||
from_secret: ZULIP_BOT
|
||||
ZULIP_TKN:
|
||||
from_secret: ZULIP_TOKEN
|
||||
commands:
|
||||
- apk add --no-cache curl
|
||||
- export ZULIP_STATUS=":check:"
|
||||
- export ZULIP_MESSAGE=$${DRONE_COMMIT_MESSAGE:-2}
|
||||
- export SHORT_COMMIT=$${DRONE_COMMIT:0:7}
|
||||
- export REMOTE_URL=$${DRONE_REMOTE_URL:0:-4}
|
||||
- curl -s -X POST "$ZULIP_HOST/api/v1/messages" -u "$ZULIP_USER:$ZULIP_TKN" --data-urlencode "type=stream" --data-urlencode "to=\"$ZULIP_STREAM\"" --data-urlencode "topic=$ZULIP_TOPIC" --data "content=$ZULIP_STATUS **[build %23${DRONE_BUILD_NUMBER}](${DRONE_BUILD_LINK})**%0A> **${DRONE_BUILD_EVENT}** event on **${DRONE_COMMIT_BRANCH}** branch *by* **${DRONE_COMMIT_AUTHOR}** ([$SHORT_COMMIT]($REMOTE_URL/commit/${DRONE_COMMIT}))%0A> $ZULIP_MESSAGE"
|
||||
when:
|
||||
status:
|
||||
- success
|
||||
|
||||
volumes:
|
||||
- name: deps
|
||||
temp: {}
|
||||
- name: ssh_key
|
||||
host:
|
||||
path: /home/repo/drone
|
||||
121
crypt/rsa.go
Normal file
121
crypt/rsa.go
Normal file
|
|
@ -0,0 +1,121 @@
|
|||
package crypt
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"crypto/rsa"
|
||||
"crypto/sha256"
|
||||
"crypto/x509"
|
||||
"encoding/base64"
|
||||
"encoding/pem"
|
||||
"fmt"
|
||||
"log"
|
||||
|
||||
"golang.org/x/crypto/ssh"
|
||||
)
|
||||
|
||||
type RsaEncrypt struct {
|
||||
pub *rsa.PublicKey
|
||||
}
|
||||
|
||||
func NewRsaEncrypt(key []byte) *RsaEncrypt {
|
||||
pkey, _, _, _, err := ssh.ParseAuthorizedKey(key)
|
||||
if err != nil {
|
||||
log.Fatal("unable to parse authorized key")
|
||||
}
|
||||
// upgrade first to ssh.CryptoPublicKey interface
|
||||
// then call CryptoPublicKey() to get actual crypto.PublicKey
|
||||
// Finally, convert back to an *rsa.PublicKey
|
||||
pubCrypto := pkey.(ssh.CryptoPublicKey).CryptoPublicKey()
|
||||
return &RsaEncrypt{pubCrypto.(*rsa.PublicKey)}
|
||||
}
|
||||
|
||||
func (re *RsaEncrypt) Encrypt(data []byte) (string, error) {
|
||||
encryptedBytes, err := rsa.EncryptOAEP(
|
||||
sha256.New(),
|
||||
rand.Reader,
|
||||
re.pub,
|
||||
data,
|
||||
nil)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
return base64.StdEncoding.EncodeToString(encryptedBytes), nil
|
||||
}
|
||||
|
||||
type RsaKey struct {
|
||||
priv *rsa.PrivateKey
|
||||
}
|
||||
|
||||
func NewRsaKey(size int) *RsaKey {
|
||||
key, err := rsa.GenerateKey(rand.Reader, size)
|
||||
if err != nil {
|
||||
log.Fatalf("unable to generate key with size %d", size)
|
||||
}
|
||||
return &RsaKey{key}
|
||||
}
|
||||
|
||||
func LoadRsaKey(privKey []byte) *RsaKey {
|
||||
block, _ := pem.Decode(privKey)
|
||||
key, err := x509.ParsePKCS1PrivateKey(block.Bytes)
|
||||
key.Size()
|
||||
if err != nil {
|
||||
log.Fatal("unable to parse pkcs1 priv key")
|
||||
}
|
||||
return &RsaKey{priv: key}
|
||||
}
|
||||
|
||||
func (rk *RsaKey) GetBytes() []byte {
|
||||
return pem.EncodeToMemory(&pem.Block{
|
||||
Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(rk.priv),
|
||||
})
|
||||
}
|
||||
|
||||
func (rk *RsaKey) GetPubKeyBytes() []byte {
|
||||
pub, err := ssh.NewPublicKey(rk.priv.Public())
|
||||
if err != nil {
|
||||
log.Fatal("unable to retriew public key")
|
||||
}
|
||||
return ssh.MarshalAuthorizedKey(pub)
|
||||
}
|
||||
|
||||
func (rk *RsaKey) GetRsaEncrypt() *RsaEncrypt {
|
||||
return &RsaEncrypt{&rk.priv.PublicKey}
|
||||
}
|
||||
|
||||
func (rk *RsaKey) Decrypt(b64data []byte) ([]byte, error) {
|
||||
data, err := base64.StdEncoding.DecodeString(string(b64data))
|
||||
if err != nil {
|
||||
log.Fatal("unable to decode base64 data")
|
||||
}
|
||||
decrypted, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, rk.priv, data, nil)
|
||||
if err != nil {
|
||||
log.Fatal("unable to decrypt data")
|
||||
}
|
||||
return decrypted, nil
|
||||
}
|
||||
|
||||
func mainSshCrypt() {
|
||||
rk := NewRsaKey(4096)
|
||||
pubKey := rk.GetPubKeyBytes()
|
||||
fmt.Println("== PUB KEY ==")
|
||||
fmt.Println(string(pubKey))
|
||||
fmt.Println("== PRIV KEY ==")
|
||||
fmt.Println(string(rk.GetBytes()))
|
||||
|
||||
rk2 := LoadRsaKey(rk.GetBytes())
|
||||
fmt.Println("== LOADED KEY ==")
|
||||
fmt.Println(string(rk2.GetBytes()))
|
||||
|
||||
// fmt.Println("== GET RsaEncrypt ==")
|
||||
// re := rk.GetRsaEncrypt()
|
||||
fmt.Println("== NewRsaEncrypt ==")
|
||||
re := NewRsaEncrypt(pubKey)
|
||||
|
||||
fmt.Println("== ENCRYPT data ==")
|
||||
encryptedData, _ := re.Encrypt([]byte("hello world"))
|
||||
fmt.Println(encryptedData)
|
||||
|
||||
decryptedData, _ := rk.Decrypt([]byte(encryptedData))
|
||||
fmt.Println("== DECRYPT data ==")
|
||||
fmt.Println(string(decryptedData))
|
||||
}
|
||||
|
|
@ -159,7 +159,7 @@ func (s *Ssh) DownloadFile(remoteFile string, localFile string, display bool, cl
|
|||
if close {
|
||||
defer scp.Close()
|
||||
}
|
||||
if err := s.downloadFile(size, scp, remoteFile, localFile); err == nil {
|
||||
if err := s.downloadFile(scp, remoteFile, localFile); err == nil {
|
||||
done = sys.CheckSumFile(checksum, localFile)
|
||||
if display {
|
||||
echo.Cstyle("usageCom").Echo(" file downloaded !\n")
|
||||
|
|
@ -177,13 +177,13 @@ func (s *Ssh) DownloadFile(remoteFile string, localFile string, display bool, cl
|
|||
return done
|
||||
}
|
||||
|
||||
func (s *Ssh) ScpDownload(size int64, remoteFile string, localFile string, close bool) bool {
|
||||
func (s *Ssh) ScpDownload(remoteFile string, localFile string, close bool) bool {
|
||||
var done bool = false
|
||||
scp := s.Scp()
|
||||
if close {
|
||||
defer scp.Close()
|
||||
}
|
||||
if err := s.downloadFile(size, scp, remoteFile, localFile); err == nil {
|
||||
if err := s.downloadFile(scp, remoteFile, localFile); err == nil {
|
||||
done = true
|
||||
} else {
|
||||
log.Fatal(err)
|
||||
|
|
@ -191,7 +191,7 @@ func (s *Ssh) ScpDownload(size int64, remoteFile string, localFile string, close
|
|||
return done
|
||||
}
|
||||
|
||||
func (s *Ssh) downloadFile(size int64, sc *sftp.Client, remoteFile string, localFile string) (err error) {
|
||||
func (s *Ssh) downloadFile(sc *sftp.Client, remoteFile string, localFile string) (err error) {
|
||||
|
||||
// Note: SFTP To Go doesn't support O_RDWR mode
|
||||
srcFile, err := sc.OpenFile(remoteFile, (os.O_RDONLY))
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user