Skip to content
Snippets Groups Projects
Commit e3b98641 authored by Lukas Werner's avatar Lukas Werner
Browse files

Removed unnecessary auth in config.sh

parent 519d38c0
No related branches found
No related tags found
No related merge requests found
...@@ -2,42 +2,6 @@ ...@@ -2,42 +2,6 @@
set -euf -o pipefail set -euf -o pipefail
shopt -s inherit_errexit shopt -s inherit_errexit
hash id
hash diff
hash ssh-keygen
hash runuser
function error {
: "${RV:=${2:-$BUILD_FAILURE_EXIT_CODE}}"
echo "$1" >&2
return "$RV"
}
## User authentication
: "${CUSTOM_ENV_AUTH_USER:?"AUTH_USER CI/CD variable has not been set."}"
: "${CUSTOM_ENV_AUTH_KEY:?"AUTH_KEY CI/CD variable has not been set."}"
AUTH_USER=$CUSTOM_ENV_AUTH_USER
## Check if the user exists and the validity of its ID
id -u "$AUTH_USER" >/dev/null 2>&1 || error "User $AUTH_USER does not exist"
(( $(id -u "$AUTH_USER") >= 1000 )) || error "User $AUTH_USER ID within system reserved range."
## Use a key pair to authenticate the user (private key has to be set as a GitLab CI/CD variable)
AUTH_KEY=$CUSTOM_ENV_AUTH_KEY
AUTH_PUB=/etc/gitlab-runner/authorized_keys
(
while read -r PUB
do
diff --color=never <(ssh-keygen -y -e -f /dev/stdin <<< "$AUTH_KEY") <(ssh-keygen -y -e -f /dev/stdin <<< "$PUB") > /dev/null && exit 0
done < "$AUTH_PUB"
exit 1
) || error "Authentication failed."
### Env setup
AUTH_USER_WORK=$(runuser "$AUTH_USER" --login --command "echo \$WORK") AUTH_USER_WORK=$(runuser "$AUTH_USER" --login --command "echo \$WORK")
: "${AUTH_USER_WORK:?"Could not determine $AUTH_USER's \$WORK directory."}" : "${AUTH_USER_WORK:?"Could not determine $AUTH_USER's \$WORK directory."}"
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment