authorTobias Schramm <tobleminer@gmail.com>2018-08-24 17:43:42 +0200
committerTobias Schramm <tobleminer@gmail.com>2018-08-24 17:43:42 +0200
commit982201cc45ed8ddb0c12e6494e8b34394bb9dcdf (patch)
tree39a4bfdea1bc49cd5fbd0d5b7b475950eb9216a1
parent6d283b342382cbdac631fd29c10d4b222ce4aa3e (diff)
Replace external repo by local copy
This gitlab instance does not allow public repos and should be burned to the ground
-rw-r--r--.gitlab-ci.yml12
-rw-r--r--.gitlab-ci/docker/Dockerfile4
-rwxr-xr-x.gitlab-ci/ffki-scripts/check-fastd-keys.sh40
3 files changed, 49 insertions, 7 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 9ca87bd..9199c8f 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -8,7 +8,7 @@ image:
stages:
- container
- - prepare
+# - prepare
- validate
- deploy
@@ -25,11 +25,11 @@ docker:
- docker push $CONTAINER_IMAGE:$CI_COMMIT_SHA
- docker push $CONTAINER_IMAGE:latest
-scripts:
- stage: prepare
- image: $CI_REGISTRY_IMAGE/build
- script:
- - git clone https://gitlab.toppoint.de/ffki/ffki-scripts.git ./gitlab-ci/ffki-scripts
+#scripts:
+# stage: prepare
+# image: $CI_REGISTRY_IMAGE/build
+# script:
+# - git clone https://gitlab.toppoint.de/ffki/ffki-scripts.git ./gitlab-ci/ffki-scripts
validate:
stage: validate
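Review bot: The disabled `scripts` job cloned into `./gitlab-ci/ffki-scripts` (no leading dot), while this commit adds the script under `.gitlab-ci/ffki-scripts/`. The `validate` job's script lines are outside this hunk, so confirm they call `.gitlab-ci/ffki-scripts/check-fastd-keys.sh` and no longer expect an artifact from the removed `prepare` stage. The commented-out job here and the `# - prepare` entry in the first hunk are better deleted than kept as comments: version control already holds the old definition, and a dormant clone of an unpinned external repository is easy to re-enable by accident.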
diff --git a/.gitlab-ci/docker/Dockerfile b/.gitlab-ci/docker/Dockerfile
index a6767a6..af1d82a 100644
--- a/.gitlab-ci/docker/Dockerfile
+++ b/.gitlab-ci/docker/Dockerfile
@@ -1,3 +1,5 @@
FROM debian:stretch
-RUN apt-get update && apt-get install -y git
+RUN apt-get update && apt-get install -y \
+ git \
+ openssh-client
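Review bot: The new `apt-get install -y` line pulls in recommended packages and leaves the apt lists in the layer, so the CI image carries more software than the two tools it needs. Consider `RUN apt-get update && apt-get install -y --no-install-recommends git openssh-client && rm -rf /var/lib/apt/lists/*`; if HTTPS remotes are used, `ca-certificates` may then have to be listed explicitly. A short comment saying why `openssh-client` is required would also help, since nothing in this commit shows where it is used.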
diff --git a/.gitlab-ci/ffki-scripts/check-fastd-keys.sh b/.gitlab-ci/ffki-scripts/check-fastd-keys.sh
new file mode 100755
index 0000000..97a7163
--- /dev/null
+++ b/.gitlab-ci/ffki-scripts/check-fastd-keys.sh
@@ -0,0 +1,40 @@
+#!/usr/bin/env bash
+
+set -e -o pipefail
+
+KEYDIR=${1:-.}
+
+error() {
+ ( >&2 echo $@ )
+}
+
+LINE_VALIDATORS=()
+LINE_VALIDATORS+=('key[[:space:]]+"[0-9a-f]{64}";')
+LINE_VALIDATORS+=('remote[[:space:]]+((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?):[0-9]+;')
+LINE_VALIDATORS+=('remote[[:space:]]+(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))(:|([[:space:]]+port[[:space:]]+))[0-9]+;')
+LINE_VALIDATORS+=('remote[[:space:]]+((ipv4|ipv6)[[:space:]]+)?"[0-9a-zA-Z.-]+"(:|([[:space:]]+port[[:space:]]+))[0-9]+;')
+
+# Validate fastd key files
+keycount=0
+for file in "$KEYDIR"/*; do
+ sed -E 's/^\s+//g;s/[[:space:]]+$//g;/^[[:space:]]*$/d' "$file" |\
+ while read line; do
+ valid=''
+ # Simple comments are always ok
+ echo "$line" | grep -q '^#.*' && continue
+ for validator in "${LINE_VALIDATORS[@]}"; do
+ echo "$line" | egrep -q "^${validator}([[:space:]]*#.*)?$" && {
+ valid=yes
+ break;
+ }
+ done
+ if [ "$valid" != yes ]; then
+ error "Key file '$file' is invalid"
+ error "Offending line: '$line'"
+ exit 1
+ fi
+ done
+ keycount=$((keycount + 1))
+done
+
+echo "OK. $keycount keyfiles"
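Review bot: The `while read line` loop can skip or alter the text it is meant to validate. With GNU sed (which the `\s` in the expression already assumes) a final line without a trailing newline is emitted without one, so `read` returns non-zero and that line is never checked. `read` without `-r` also strips backslashes and joins continued lines, so the text tested is not the text in the file. Use `while IFS= read -r line || [ -n "$line" ]; do` and feed grep with `printf '%s\n' "$line"` instead of `echo`. Separately, `error` expands `$@` unquoted, so an offending line containing `*` is glob-expanded in the message; `printf '%s\n' "$*" >&2` avoids that. Note too that a file holding only comments or only `remote` lines passes and is counted, because nothing requires a `key` line to be present.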