Merge branch 'master' into users/kgrzebie/actions-migrate-4293

Author: kgrzebien

debian/changelog

@@ -1,3 +1,38 @@
+github-backup-utils (3.3.0) UNRELEASED; urgency=medium
+
+
+ -- [email protected]  Wed, 08 Dec 2021 03:12:53 +0000
+
+github-backup-utils (3.3.0) UNRELEASED; urgency=medium
+
+
+ -- [email protected]  Wed, 08 Dec 2021 03:10:21 +0000
+
+github-backup-utils (3.3.0) UNRELEASED; urgency=medium
+
+
+ -- [email protected]  Wed, 08 Dec 2021 02:56:47 +0000
+
+github-backup-utils (3.3.0) UNRELEASED; urgency=medium
+
+
+ -- [email protected]  Wed, 08 Dec 2021 02:51:06 +0000
+
+github-backup-utils (3.3.0) UNRELEASED; urgency=medium
+
+
+ -- [email protected]  Wed, 08 Dec 2021 02:02:25 +0000
+
+github-backup-utils (3.3.0) UNRELEASED; urgency=medium
+
+
+ -- [email protected]  Wed, 08 Dec 2021 01:56:26 +0000
+
+github-backup-utils (3.3.0) UNRELEASED; urgency=medium
+
+
+ -- [email protected]  Wed, 08 Dec 2021 01:25:12 +0000
+
 github-backup-utils (3.3.0.rc1) UNRELEASED; urgency=medium
 
 

share/github-backup-utils/ghe-ssh-config

@@ -1,7 +1,8 @@
 #!/usr/bin/env bash
-#/ Usage: ghe-ssh-config <proxy_host> [<host>...]
+#/ Usage: ghe-ssh-config <ghe_host> [<host>...]
 #/
-#/ Returns a SSH configuration file.
+#/ Returns a SSH configuration file which configures the connections either through proxy
+#/ using <ghe_host> or connect directly by fetching the IP to list of <host> by <ghe_host>
 #/
 #/ Note: This script typically isn't called directly. It's invoked by the
 #/ ghe-[backup|restore]-* commands.
@@ -18,20 +19,68 @@ GHE_HOSTNAME="$1"
 shift
 
 hosts="$*"
-
-proxy_host=$(ssh_host_part "$GHE_HOSTNAME")
-proxy_port=$(ssh_port_part "$GHE_HOSTNAME")
-proxy_user="${proxy_host%@*}"
-[ "$proxy_user" = "$proxy_host" ] && proxy_user="admin"
-
+ghe_host=$(ssh_host_part "$GHE_HOSTNAME")
+ghe_port=$(ssh_port_part "$GHE_HOSTNAME")
+ghe_user="${ghe_host%@*}"
+[ "$ghe_user" = "$ghe_host" ] && ghe_user="admin"
 opts="$GHE_EXTRA_SSH_OPTS"
+# In case we are connecting to node without <role>-server-<uuid> format, revert back to proxy mode
+[ -z "$GHE_DISABLE_SSH_MUX" ] && opts="-o ControlMaster=auto -o ControlPath=\"$TMPDIR/.ghe-sshmux-$(echo -n "$ghe_user@$ghe_host:$ghe_port" | git hash-object --stdin | cut -c 1-8)\" -o ControlPersist=10m -o ServerAliveInterval=10 $opts"
 
-[ -z "$GHE_DISABLE_SSH_MUX" ] && opts="-o ControlMaster=auto -o ControlPath=\"$TMPDIR/.ghe-sshmux-$(echo -n "$proxy_user@$proxy_host:$proxy_port" | git hash-object --stdin | cut -c 1-8)\" -o ControlPersist=10m -o ServerAliveInterval=10 $opts"
+# Allow GIT_CONFIG to be specified manually for CI.
+if [ -z "$GIT_CONFIG" ]; then
+  # If an individual backup step is being run directly, or this is a restore
+  # then ghe-backup-settings won't have ran, which transfers cluster.conf.
+  if ! $GHE_RESTORE_SNAPSHOT_PATH && [ -f "$GHE_SNAPSHOT_DIR/cluster.conf" ]; then
+    GIT_CONFIG="$GHE_SNAPSHOT_DIR/cluster.conf"
+  else
+    cluster_config_file="$(mktemp -t ".ghe-cluster-conf-XXXXXX")"
+    ghe-ssh "$GHE_HOSTNAME" -- "sudo cat $GHE_REMOTE_CLUSTER_CONF_FILE 2>/dev/null" > "$cluster_config_file"
+    GIT_CONFIG="$cluster_config_file"
+  fi
+fi
+export GIT_CONFIG_NOSYSTEM=1 GIT_CONFIG
 
 for host in $hosts; do
-  cat <<EOF
+  # Determine if a <role>-server-<uuid> host has been specified, and if so
+  # generate the relevant SSH configuration.
+  if [[ "$host" =~ [A-Za-z]+-server-[A-Za-z0-9]{8}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{12} ]]; then
+    for cluster_host in $(git config --get-regexp cluster.*.hostname | cut -d ' ' -f2); do
+      uuid=$(git config cluster.$cluster_host.uuid)
+      if [[ "$host" =~ [A-Za-z]+-server-$uuid ]]; then
+        if [ -n "$(git config cluster.$cluster_host.ipv6)" ]; then
+          ip=$(git config "cluster.$cluster_host.ipv6")
+        elif [ -n "$(git config cluster.$cluster_host.ipv4)" ]; then
+          ip=$(git config "cluster.$cluster_host.ipv4")
+        fi
+
+        if [ -z "$temp_ssh_config_file" ]; then
+          temp_ssh_config_file="$(mktemp -t ".hostfile-XXXXXX")"
+          echo "Host *
+User $ghe_user
+Port $ghe_port
+BatchMode yes" >> "$temp_ssh_config_file"
+        fi
+
+        echo "Host git-server-$uuid pages-server-$uuid storage-server-$uuid
+HostName $ip
+Port $ghe_port
+StrictHostKeyChecking no" >> "$temp_ssh_config_file"
+        # If proxy mode is set
+        if [ -n "$GHE_SSH_PROXY" ]; then
+          echo "ProxyCommand  ssh -q $opts -p $ghe_port $ghe_user@$ghe_host nc.openbsd %h %p" >> "$temp_ssh_config_file"
+        fi
+      fi
+    done
+  else
+    cat <<EOF
 Host $host
-  ProxyCommand ssh -q $opts -p $proxy_port $proxy_user@$proxy_host nc.openbsd %h %p
+  ProxyCommand ssh -q $opts -p $ghe_port $ghe_user@$ghe_host nc.openbsd %h %p
   StrictHostKeyChecking=no
 EOF
+  fi
 done
+
+if [ -n "$temp_ssh_config_file" ]; then
+  cat "$temp_ssh_config_file"
+fi

share/github-backup-utils/version

@@ -1 +1 @@
-3.3.0.rc1
+3.3.0

test/cluster.conf

@@ -0,0 +1,65 @@
+[cluster]
+mysql-master = data1
+redis-master = data1
+primary-datacenter = default
+[cluster "app1"]
+hostname = app1
+ipv4 = 172.31.17.242
+consul-datacenter = default
+web-server = true
+job-server = true
+vpn = 169.254.179.1
+uuid = 1915bffc-4be0-11ec-9121-020e101d0b31
+[cluster "app2"]
+hostname = app2
+ipv4 = 172.31.16.237
+consul-datacenter = default
+web-server = true
+job-server = true
+vpn = 169.254.179.2
+uuid = 118ab3aa-4be0-11ec-b260-02a9f5631633
+[cluster "data1"]
+hostname = data1
+ipv4 = 172.31.22.90
+consul-server = true
+consul-datacenter = default
+git-server = true
+pages-server = true
+mysql-server = true
+elasticsearch-server = true
+redis-server = true
+memcache-server = true
+metrics-server = true
+storage-server = true
+vpn = 169.254.179.3
+uuid = 1451687c-4be0-11ec-8684-02c387bd966b
+[cluster "data2"]
+hostname = data2
+ipv4 = 172.31.26.173
+consul-server = true
+consul-datacenter = default
+git-server = true
+pages-server = true
+mysql-server = true
+elasticsearch-server = true
+redis-server = true
+memcache-server = true
+metrics-server = true
+storage-server = true
+vpn = 169.254.179.4
+uuid = 16089d52-4be0-11ec-b892-026c4c5e5bb1
+[cluster "data3"]
+hostname = data3
+ipv4 = 172.31.27.252
+consul-server = true
+consul-datacenter = default
+git-server = true
+pages-server = true
+mysql-server = true
+elasticsearch-server = true
+redis-server = true
+memcache-server = true
+metrics-server = true
+storage-server = true
+vpn = 169.254.179.5
+uuid = 1b355f04-4be0-11ec-8a88-02c296aec13d

test/test-ghe-ssh-config.sh

@@ -5,16 +5,66 @@
 # shellcheck source=test/testlib.sh
 . "$(dirname "$0")/testlib.sh"
 
-begin_test "ghe-ssh-config returns config for multiple nodes"
+export CLUSTER_CONF="$ROOTDIR/test/cluster.conf"
+
+begin_test "ghe-ssh-config returns config for git-server nodes"
+(
+  set -e
+
+  output=$(GIT_CONFIG=$CLUSTER_CONF ghe-ssh-config host1 git-server-1451687c-4be0-11ec-8684-02c387bd966b git-server-16089d52-4be0-11ec-b892-026c4c5e5bb1)
+  # Confirm we don't have a host1 entry as this is the proxy host
+  [ "$(echo "$output" | grep -c "^Host host1")" -eq 0 ]
+  # Confirm we have git-server-<uuid> entries
+  echo "$output" | grep -Eq "^Host git-server-[A-Za-z0-9]{8}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{12}"
+  echo "$output" | grep -Eq "pages-server-[A-Za-z0-9]{8}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{12}"
+  echo "$output" | grep -Eq "storage-server-[A-Za-z0-9]{8}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{12}"
+  [ "$(echo "$output" | grep -Ec "^Host git-server-[A-Za-z0-9]{8}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{12}")" -eq 2 ]
+  # Confirm the git-server entries has right IP
+  echo "$output" | grep -q "HostName 172.31.22.90"
+  echo "$output" | grep -q "HostName 172.31.26.173"
+  # Confirm No proxy enabled
+  [ "$(echo "$output" | grep -c "ProxyCommand")" -eq 0 ]
+)
+end_test
+
+begin_test "ghe-ssh-config returns config for git-server nodes with GHE_SSH_PROXY=1"
+(
+  set -e
+
+  output=$(GIT_CONFIG=$CLUSTER_CONF GHE_SSH_PROXY=1 ghe-ssh-config host1 git-server-1451687c-4be0-11ec-8684-02c387bd966b git-server-16089d52-4be0-11ec-b892-026c4c5e5bb1)
+  # Confirm we don't have a host1 entry as this is the proxy host
+  [ "$(echo "$output" | grep -c "^Host host1")" -eq 0 ]
+  # Confirm we have git-server-<uuid> entries
+  echo "$output" | grep -Eq "^Host git-server-[A-Za-z0-9]{8}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{12}"
+  echo "$output" | grep -Eq "pages-server-[A-Za-z0-9]{8}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{12}"
+  echo "$output" | grep -Eq "storage-server-[A-Za-z0-9]{8}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{12}"
+  [ "$(echo "$output" | grep -Ec "^Host git-server-[A-Za-z0-9]{8}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{12}")" -eq 2 ]
+  # Confirm the git-server entries has right IP
+  echo "$output" | grep -q "HostName 172.31.22.90"
+  echo "$output" | grep -q "HostName 172.31.26.173"
+  # Confirm proxy enabled
+  [ "$(echo "$output" | grep -c "ProxyCommand")" -eq 2 ]
+
+  # Confirm ControlPath returns correct hash for admin@host1:122
+  echo "$output" | grep -q "admin@host1 nc.openbsd"
+  # Confirm multiplexing enabled
+  echo "$output" | grep -q "ControlMaster=auto"
+  # Confirm ControlPath returns correct hash for admin@host1:122
+  echo "$output" | grep -q ".ghe-sshmux-7cb77002"
+)
+end_test
+
+
+begin_test "ghe-ssh-config returns config for non-server-uuid nodes"
 (
   set -e
 
-  output=$(ghe-ssh-config host1 git-server1 git-server2)
+  output=$(GIT_CONFIG=$CLUSTER_CONF ghe-ssh-config host1 mysql-node1 mysql-node2)
   # Confirm we don't have a host1 entry as this is the proxy host
   echo "$output" | grep -Evq "^Host host1"
   # Confirm we have a host2 and host3 entry
-  echo "$output" | grep -Eq "^Host git-server[12]"
-  [ "$(echo "$output" | grep -E "^Host git-server[12]" | wc -l)" -eq 2 ]
+  echo "$output" | grep -Eq "^Host mysql-node[12]"
+  [ "$(echo "$output" | grep -c "^Host mysql-node[12]")" -eq 2 ]
   # Confirm the host2 and host3 entries proxy though host1
   echo "$output" | grep -q "admin@host1 nc.openbsd"
   # Confirm multiplexing enabled
@@ -28,22 +78,26 @@ begin_test "ghe-ssh-config multiplexing disabled"
 (
   set -e
 
-  output=$(GHE_DISABLE_SSH_MUX=1 ghe-ssh-config host1 git-server1)
+  output=$(GIT_CONFIG=$CLUSTER_CONF GHE_DISABLE_SSH_MUX=1 ghe-ssh-config host1 git-server1)
   echo "$output" | grep -vq "ControlMaster=auto"
 
-  output=$(GHE_DISABLE_SSH_MUX=1 ghe-ssh-config host1 git-server1 git-server2)
+  output=$(GIT_CONFIG=$CLUSTER_CONF GHE_DISABLE_SSH_MUX=1 ghe-ssh-config host1 git-server1 git-server2)
   echo "$output" | grep -vq "ControlMaster=auto"
+
+  # Confirm multiplexing disabled
+  [ "$(echo "$output" | grep -c "ControlMaster=auto")" -eq 0 ]
+  [ "$(echo "$output" | grep -c ".ghe-sshmux-7cb77002")" -eq 0 ]
 )
 end_test
 
 begin_test "ghe-ssh-config with extra SSH opts"
 (
   set -e
 
-  output=$(GHE_EXTRA_SSH_OPTS="-o foo=bar" ghe-ssh-config host1 git-server1)
+  output=$(GIT_CONFIG=$CLUSTER_CONF GHE_EXTRA_SSH_OPTS="-o foo=bar" ghe-ssh-config host1 git-server1)
   echo "$output" | grep -q "foo=bar"
 
-  output=$(GHE_EXTRA_SSH_OPTS="-o foo=bar" ghe-ssh-config host1 git-server1 git-server2)
+  output=$(GIT_CONFIG=$CLUSTER_CONF GHE_EXTRA_SSH_OPTS="-o foo=bar" ghe-ssh-config host1 git-server1 git-server2)
   echo "$output" | grep -q "foo=bar"
 )
 end_test