From 38f3560b01b1911a674a1655403504e9a4dff415 Mon Sep 17 00:00:00 2001
From: hahn <hahn@AAE49.campus.unibe.ch>
Date: Mon, 31 Mar 2014 15:57:20 +0200
Subject: [PATCH] - add ssh host key - fixed: hardcoded exec of puppet agent
 --version

---
 config/inc_projects_config.php                |  5 +++++
 .../deployment/classes/project.class.php      | 21 +++++++++++++++++--
 2 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/config/inc_projects_config.php b/config/inc_projects_config.php
index 3210bf79..e06e8926 100644
--- a/config/inc_projects_config.php
+++ b/config/inc_projects_config.php
@@ -19,6 +19,11 @@ $aConfig = array(
     // ssh install - if a host is given
     'installPackages' => array(
         'user' => 'imldeployment',
+        
+        // command to update ssh hostkey in known_hosts file
+        // %s is name of the server (2x)
+        'addkeycommand' => '/usr/bin/ssh-keygen -R %s; /usr/bin/ssh-keyscan -t rsa %s >> /home/www-data/.ssh/known_hosts',
+        
         'testcommand' => 'sudo puppet --version',
         // puppet agent liefert 0 oder 2 zurueck, wenn OK
         // http://docs.puppetlabs.com/references/3.4.0/man/apply.html
diff --git a/public_html/deployment/classes/project.class.php b/public_html/deployment/classes/project.class.php
index f974ef07..d7015bca 100644
--- a/public_html/deployment/classes/project.class.php
+++ b/public_html/deployment/classes/project.class.php
@@ -1553,6 +1553,16 @@ class project {
         $bReturn = file_put_contents($sCfgFile, json_encode($aData));
         $this->_logaction(t('finished')." saveConfig(...)", __FUNCTION__, "success");
         $this->setProjectById($sId);
+        
+        foreach (array_keys($aData["phases"]) as $sPhase){
+                if ($aData["phases"][$sPhase]["puppethost"]) {
+                        $sServer=$aData["phases"][$sPhase]["puppethost"];
+                        $sCmd="/usr/bin/ssh-keygen -R $sServer; /usr/bin/ssh-keyscan -t rsa $sServer >> $sKnownhosts";
+                        echo $sCmd."<br>";
+                        exec($sCmd);
+                }
+        }
+
         return $bReturn;
     }
 
@@ -2360,8 +2370,15 @@ class project {
                 'placeholder' => '',
             );
             if ($sPuppethost) {
-                $sCmd = 'ssh ' . $this->_aConfig["installPackages"]["user"] . '@' . $sPuppethost . ' sudo puppet --version 2>&1';
-                $sOut = shell_exec($sCmd);
+                
+                // add ssh host key
+                $sOut0=shell_exec(sprintf($this->_aConfig["installPackages"]["addkeycommand"], $sPuppethost, $sPuppethost));
+                
+                $sCmd2 = 'ssh ' . $this->_aConfig["installPackages"]["user"] 
+                        . '@' . $sPuppethost 
+                        . ' ' . $this->_aConfig["installPackages"]["testcommand"];
+                $sOut = shell_exec($sCmd2);
+                
                 // Check auf Versionsnummer - mehr als n Zeichen ist mutmasslich eine Fehlermeldung
                 if (strlen($sOut) > 7) {
                     $sMessages.=$this->getBox("error", sprintf(t("class-project-error-setup-sudo-pupet-agent-failed"), $sPhase, $sCmd, $sOut));
-- 
GitLab