[snowpatch] [PATCH] Replace ssh agent authentication with explicit key
Russell Currey
ruscur at russell.cc
Fri Dec 2 11:00:32 AEDT 2016
On Thu, 2016-12-01 at 17:08 +1100, Andrew Donnellan wrote:
> On 01/12/16 17:04, Andrew Donnellan wrote:
> > From: Russell Currey <ruscur at russell.cc>
> >
> > libgit2 has a long-standing obscure bug where it gets in an infinite loop
> > calling ssh-agent. ssh-agent has been a pain point in snowpatch for a
> > while now, so let's just not use it - instead, manually specify public and
> > private keys. This adds the benefit of configuring the user ("git" was
> > hardcoded for GitHub/GitLab previously) as well as passphrase support.
> >
> > Future possibility: support parsing "~/" in the settings file.
> >
> > Signed-off-by: Russell Currey <ruscur at russell.cc>
>
> The only reservations I have about this patch:
I wouldn't mind having a commented out bogus passphrase in the example file
>
> * It would be nice if we could still fall back on ssh-agent for the
> circumstances where the libgit2 bug doesn't get exposed
ssh-agent use is fundamentally broken in libgit2 and I don't want it to get used
at all. If we get ~/ support and have ~/.ssh/id_rsa{.pub} as defaults it'll
catch the majority of cases.
>
> * Different projects can use different git remotes which in turn could
> require different usernames or keys
This wouldn't be too much of a PITA to deal with since we set up the auth
callbacks once we're isolated on a single project, so we could have base git
settings then overwrite them. I think in *most* cases snowpatch will be pushing
to roughly the same place (i.e. GitHub or GitLab) so this won't be a big deal,
you can work around this by running multiple snowpatch instances that test
different projects.
So yeah we should do this but I don't think it should block this patch going in.
>
> Thoughts?
>
People talk about aliens looking at humanity and thinking we're super dumb
because of ironic memes and electing Trump and all that, but the likeliness that
other lifeforms are within the range of human intellect and not vastly superior
or inferior is crazy low. They're either going to read about the LHC and think
we're morons, or look at a picture that calls a deer a "doggo with antlers" and
think we're geniuses.
More information about the snowpatch
mailing list