support GitHub Enterprise servers

Added support for GitHub Enterprise servers by loosening the
restrictions on the hostname portion of the deploy key comment being
"github.com" to any hostname and then using that hostname in the rest of
the config. Adjusted the regex to match the end of the line since the
comment portion is at the end. fixes #934
This commit is contained in:
Doug Goldstein 2023-02-15 14:47:25 -06:00
parent ea17a056b9
commit 37d5edd102
WARNING! Although there is a key with this ID in the database it does not verify this commit! This commit is SUSPICIOUS.
GPG key ID: 6C4E620431C9980D
2 changed files with 16 additions and 14 deletions

15
dist/index.js vendored
View file

@ -380,7 +380,7 @@ try {
console.log('Configuring deployment key(s)'); console.log('Configuring deployment key(s)');
child_process.execFileSync(sshAddCmd, ['-L']).toString().trim().split(/\r?\n/).forEach(function(key) { child_process.execFileSync(sshAddCmd, ['-L']).toString().trim().split(/\r?\n/).forEach(function(key) {
const parts = key.match(/\bgithub\.com[:/]([_.a-z0-9-]+\/[_.a-z0-9-]+)/i); const parts = key.match(/\b([\w.]+)[:/]([_.a-z0-9-]+\/[_.a-z0-9-]+)$/i);
if (!parts) { if (!parts) {
if (logPublicKey) { if (logPublicKey) {
@ -390,16 +390,17 @@ try {
} }
const sha256 = crypto.createHash('sha256').update(key).digest('hex'); const sha256 = crypto.createHash('sha256').update(key).digest('hex');
const ownerAndRepo = parts[1].replace(/\.git$/, ''); const githubHost = parts[1];
const ownerAndRepo = parts[2].replace(/\.git$/, '');
fs.writeFileSync(`${homeSsh}/key-${sha256}`, key + "\n", { mode: '600' }); fs.writeFileSync(`${homeSsh}/key-${sha256}`, key + "\n", { mode: '600' });
child_process.execSync(`${gitCmd} config --global --replace-all url."git@key-${sha256}.github.com:${ownerAndRepo}".insteadOf "https://github.com/${ownerAndRepo}"`); child_process.execSync(`${gitCmd} config --global --replace-all url."git@key-${sha256}.${githubHost}:${ownerAndRepo}".insteadOf "https://${githubHost}/${ownerAndRepo}"`);
child_process.execSync(`${gitCmd} config --global --add url."git@key-${sha256}.github.com:${ownerAndRepo}".insteadOf "git@github.com:${ownerAndRepo}"`); child_process.execSync(`${gitCmd} config --global --add url."git@key-${sha256}.${githubHost}:${ownerAndRepo}".insteadOf "git@${githubHost}:${ownerAndRepo}"`);
child_process.execSync(`${gitCmd} config --global --add url."git@key-${sha256}.github.com:${ownerAndRepo}".insteadOf "ssh://git@github.com/${ownerAndRepo}"`); child_process.execSync(`${gitCmd} config --global --add url."git@key-${sha256}.${githubHost}:${ownerAndRepo}".insteadOf "ssh://git@${githubHost}/${ownerAndRepo}"`);
const sshConfig = `\nHost key-${sha256}.github.com\n` const sshConfig = `\nHost key-${sha256}.${githubHost}\n`
+ ` HostName github.com\n` + ` HostName ${githubHost}\n`
+ ` IdentityFile ${homeSsh}/key-${sha256}\n` + ` IdentityFile ${homeSsh}/key-${sha256}\n`
+ ` IdentitiesOnly yes\n`; + ` IdentitiesOnly yes\n`;

View file

@ -60,7 +60,7 @@ try {
console.log('Configuring deployment key(s)'); console.log('Configuring deployment key(s)');
child_process.execFileSync(sshAddCmd, ['-L']).toString().trim().split(/\r?\n/).forEach(function(key) { child_process.execFileSync(sshAddCmd, ['-L']).toString().trim().split(/\r?\n/).forEach(function(key) {
const parts = key.match(/\bgithub\.com[:/]([_.a-z0-9-]+\/[_.a-z0-9-]+)/i); const parts = key.match(/\b([\w.]+)[:/]([_.a-z0-9-]+\/[_.a-z0-9-]+)$/i);
if (!parts) { if (!parts) {
if (logPublicKey) { if (logPublicKey) {
@ -70,16 +70,17 @@ try {
} }
const sha256 = crypto.createHash('sha256').update(key).digest('hex'); const sha256 = crypto.createHash('sha256').update(key).digest('hex');
const ownerAndRepo = parts[1].replace(/\.git$/, ''); const githubHost = parts[1];
const ownerAndRepo = parts[2].replace(/\.git$/, '');
fs.writeFileSync(`${homeSsh}/key-${sha256}`, key + "\n", { mode: '600' }); fs.writeFileSync(`${homeSsh}/key-${sha256}`, key + "\n", { mode: '600' });
child_process.execSync(`${gitCmd} config --global --replace-all url."git@key-${sha256}.github.com:${ownerAndRepo}".insteadOf "https://github.com/${ownerAndRepo}"`); child_process.execSync(`${gitCmd} config --global --replace-all url."git@key-${sha256}.${githubHost}:${ownerAndRepo}".insteadOf "https://${githubHost}/${ownerAndRepo}"`);
child_process.execSync(`${gitCmd} config --global --add url."git@key-${sha256}.github.com:${ownerAndRepo}".insteadOf "git@github.com:${ownerAndRepo}"`); child_process.execSync(`${gitCmd} config --global --add url."git@key-${sha256}.${githubHost}:${ownerAndRepo}".insteadOf "git@${githubHost}:${ownerAndRepo}"`);
child_process.execSync(`${gitCmd} config --global --add url."git@key-${sha256}.github.com:${ownerAndRepo}".insteadOf "ssh://git@github.com/${ownerAndRepo}"`); child_process.execSync(`${gitCmd} config --global --add url."git@key-${sha256}.${githubHost}:${ownerAndRepo}".insteadOf "ssh://git@${githubHost}/${ownerAndRepo}"`);
const sshConfig = `\nHost key-${sha256}.github.com\n` const sshConfig = `\nHost key-${sha256}.${githubHost}\n`
+ ` HostName github.com\n` + ` HostName ${githubHost}\n`
+ ` IdentityFile ${homeSsh}/key-${sha256}\n` + ` IdentityFile ${homeSsh}/key-${sha256}\n`
+ ` IdentitiesOnly yes\n`; + ` IdentitiesOnly yes\n`;