From 62d00c20476d8e25974c2f78ec9c2bd05d8f2412 Mon Sep 17 00:00:00 2001 From: "wu.zhihui" Date: Sat, 22 Oct 2016 11:58:03 +0800 Subject: Remove Qtip private key files in repos 1. Automaticly genegrate private key files. 2. remove the key files in repo at last. 3. remove public key from authorized_keys of compute hosts. JIRA: QTIP-110 Change-Id: Ie22f3f195edf650e690a2ed69df1af191953068f Signed-off-by: wu.zhihui --- config/QtipKey | 27 --------------------------- config/QtipKey.pub | 1 - docker/run_qtip.sh | 9 +++++++++ func/args_handler.py | 10 ++++++---- func/env_setup.py | 6 ++++++ qtip.py | 2 -- scripts/cleanup_creds.sh | 14 ++++++++++++++ scripts/file_permission.sh | 3 --- 8 files changed, 35 insertions(+), 37 deletions(-) delete mode 100644 config/QtipKey delete mode 100644 config/QtipKey.pub create mode 100644 scripts/cleanup_creds.sh delete mode 100755 scripts/file_permission.sh diff --git a/config/QtipKey b/config/QtipKey deleted file mode 100644 index 3f520775..00000000 --- a/config/QtipKey +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAxVpAC+Q8LTyftATCgVHIKvDkXYzHI/8CZeKlVWHlHUA0/6Eu -qSrhzbpOwSaQi2C3x4Eszvh7/CfuVMql11yShsXwFD7aV6x0YG7q8IUScHILUFal -m0Fx52No7IpB3llluUV+kh8ay68V9OGvMZrQ+wWw4ieh2alUnpvFwteXmb8NQtXW -6pm2algUVixc4R3//YKLnGkj93pGFlQlDz5Q0vg+69jHNgodGewIrxCWeZk2pnn0 -vNAdWTQUTm7z/1uYz6AIeR/Wx66msmchFRmmDpP7aHXSSQEBySF7v/GEsZ1JwtBW -07WebNiTv9wYoOfyKVuZuTbBwjqlT4x5CpIJEwIDAQABAoIBAFHcDZThJtTcwKG7 -F7LsaUrmgNMNAc08iZIZYNr5sD9h0pn2EZS55M+g5+nWRT6K77AhNKTlDQiax5EE -PaYHEAA3Ok4rhAW50svtNiZuDCf4Jhk815R+oPCJm4wCDTBdhIRE/ys9G7BA/6qD -slexD94Pjj9AkTHnuuHPW0hmhMuQaSg96EO6QUWCG/HeMFDGcorBlM0s+NeR46Jm -dI8tOvt+rSa68oDtKEwhUbP5cATNdAITzo9+4We5EnYhW9/nRsaF/um2BPih6JnU -zG9udvZwj+YARmEfxhXzeRDpi30qYil/+CUF+qdyd8eoPBvhsW6rr1TA6XYGmPDN -SnlPLAECgYEA6RtgGqL34orxiqT3tDkA2Lb4aSq9Zntr09VAqwft4I3550XihHsa -lqJoy2macX36f60oRDZEL3v4cH22zyjojav4MXe2fLlCiApy45xCzsGkWizxTe5D -184jUIcRxb/sGbOulbXBdu8lmtNiyslvkAoj75bvL2MXhytbYgikhrMCgYEA2Lv1 -9Os+VXT9py/67dO/GY14NUpT1sFq2zxPYWpKxJD+j/NVZsflpPd/V5cGANZGovA0 -c8WNupJmCO1P20uldRX5dJ3EhhER2kn0yKhZuBBxmrELQZdnXGc9T8ub0xJVbo2u -K3Km3C1Dx7Us4BwzGOO6K2kYbT1ij/vAbZWmpCECgYBdkhqStqYwbrukfrHbyyH2 -3AN9G6XpdFOFNc3+mXE4OWV+G4Rgz5WNr+XG+T4AnqQmChjmwK3ALdA9P4lZQL+Q -1t4K5VYAXNFDEIarrPb4Tayucenu8VyUTO/KDF3q9i5M5t6Gw+3D0x1SN9YpNpCs -zhU8wGaErA8uuA23nWaFlwKBgQDXSf6MB5GnucqtZI/R5uCRNWIPLYISdZb7p/EC -R1912sHDpGdU7YREVkV8cFxaQH9yI0E3LyoWBo6sl28X2xDEOcvN91ncAuDFAWnS -WMimek8e5nbT9N2LgFH7Dbn/9NpAMySrq/vsAlqt6l5lUB3Bv5SSwpatDKj3dZA0 -Ss95gQKBgQCvwxW4PSd+hxdofwGd6KBwhA404GPdcVLLmASGVYRNcVNyfhUmMCn+ -UF1WsBCOcnWjJ/pT864S9Rp1bbqzpQS8Pz1vJwhkaHEJD0a5l+KhD4llsWDjUNfI -KfVffcmydNC3uRD59WPZEAgu+gOS8kRw7lybFTNuMS7B3dC5v9UtWg== ------END RSA PRIVATE KEY----- diff --git a/config/QtipKey.pub b/config/QtipKey.pub deleted file mode 100644 index 7a40f91c..00000000 --- a/config/QtipKey.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFWkAL5DwtPJ+0BMKBUcgq8ORdjMcj/wJl4qVVYeUdQDT/oS6pKuHNuk7BJpCLYLfHgSzO+Hv8J+5UyqXXXJKGxfAUPtpXrHRgburwhRJwcgtQVqWbQXHnY2jsikHeWWW5RX6SHxrLrxX04a8xmtD7BbDiJ6HZqVSem8XC15eZvw1C1dbqmbZqWBRWLFzhHf/9goucaSP3ekYWVCUPPlDS+D7r2Mc2Ch0Z7AivEJZ5mTamefS80B1ZNBRObvP/W5jPoAh5H9bHrqayZyEVGaYOk/toddJJAQHJIXu/8YSxnUnC0FbTtZ5s2JO/3Big5/IpW5m5NsHCOqVPjHkKkgkT root@foreman-jump.opnfv.com diff --git a/docker/run_qtip.sh b/docker/run_qtip.sh index 62f97c88..a7a20501 100755 --- a/docker/run_qtip.sh +++ b/docker/run_qtip.sh @@ -1,4 +1,5 @@ #! /bin/bash + run_test_suite() { if [ "$TEST_CASE" == "compute" ]; then @@ -21,8 +22,16 @@ run_test_suite() fi } +rm -f ${QTIP_DIR}/config/QtipKey* + +echo "Generating ssh keypair" +ssh-keygen -t rsa -N "" -f ${QTIP_DIR}/config/QtipKey -q + source ${QTIP_DIR}/docker/prepare_qtip_image.sh run_test_suite source ${QTIP_DIR}/docker/cleanup_qtip_image.sh + +echo "Remove ssh keypair" +rm -f ${QTIP_DIR}/config/QtipKey* diff --git a/func/args_handler.py b/func/args_handler.py index 59712800..582a24b1 100644 --- a/func/args_handler.py +++ b/func/args_handler.py @@ -59,10 +59,12 @@ def prepare_ansible_env(benchmark_test_case): def run_benchmark(installer_type, pwd, benchmark, benchmark_details, proxy_info, env_setup, benchmark_test_case): driver = Driver() - return driver.drive_bench(installer_type, pwd, benchmark, - env_setup.roles_dict.items(), - _get_f_name(benchmark_test_case), - benchmark_details, env_setup.ip_pw_dict.items(), proxy_info) + result = driver.drive_bench(installer_type, pwd, benchmark, + env_setup.roles_dict.items(), + _get_f_name(benchmark_test_case), + benchmark_details, env_setup.ip_pw_dict.items(), proxy_info) + env_setup.cleanup_authorized_keys() + return result def prepare_and_run_benchmark(installer_type, pwd, benchmark_test_case): diff --git a/func/env_setup.py b/func/env_setup.py index 9e21a5b6..6027f904 100644 --- a/func/env_setup.py +++ b/func/env_setup.py @@ -208,3 +208,9 @@ class Env_setup: def call_ssh_test(self): self.ssh_test(self.ip_pw_list) + + def cleanup_authorized_keys(self): + for ip, pw in self.ip_pw_list: + cmd = './scripts/cleanup_creds.sh %s' % ip + logger.info("cleanup authorized_keys: %s " % cmd) + os.system(cmd) diff --git a/qtip.py b/qtip.py index 493f014e..ea64b933 100644 --- a/qtip.py +++ b/qtip.py @@ -7,11 +7,9 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## from func.cli import Cli -import os def main(): - os.system('./scripts/file_permission.sh') Cli() diff --git a/scripts/cleanup_creds.sh b/scripts/cleanup_creds.sh new file mode 100644 index 00000000..9bf44305 --- /dev/null +++ b/scripts/cleanup_creds.sh @@ -0,0 +1,14 @@ +#! /bin/bash + +DEST_IP=$1 +HOSTNAME=$(hostname) +sshoptions="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" + +case "$INSTALLER_TYPE" in + fuel) + ssh $sshoptions -i ./config/QtipKey root@$DEST_IP "sed -i '/root@$HOSTNAME/d' /root/.ssh/authorized_keys" + ;; +esac + + + diff --git a/scripts/file_permission.sh b/scripts/file_permission.sh deleted file mode 100755 index a8af957e..00000000 --- a/scripts/file_permission.sh +++ /dev/null @@ -1,3 +0,0 @@ -#! /bin/bash -chmod 0600 config/QtipKey -chmod 0600 config/QtipKey.pub -- cgit 1.2.3-korg