Devops: Allow tests to fetch key from environment variable

The tests require a connection to localhost and assume usage of the default key. To allow the usage of nondefault ssh key names the environment variable `AIIDA_PYTEST_SSH_KEY` is introduced that can be used to specify the ssh key.
aiidateam · Aug 6, 2024 · 309418b · 309418b
1 parent 90312f8
commit 309418b
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 3 deletions.
diff --git a/.github/workflows/setup_ssh.sh b/.github/workflows/setup_ssh.sh
@@ -3,9 +3,10 @@
 # because localhost is used as remote address to run the tests locally.
 set -ev
 
-ssh-keygen -q -t rsa -b 4096 -N "" -f "${HOME}/.ssh/id_rsa"
-ssh-keygen -y -f "${HOME}/.ssh/id_rsa" >> "${HOME}/.ssh/authorized_keys"
+ssh-keygen -q -t rsa -b 4096 -N "" -f "${HOME}/.ssh/id_rsa_aiida_pytest"
+ssh-keygen -y -f "${HOME}/.ssh/id_rsa_aiida_pytest" >> "${HOME}/.ssh/authorized_keys"
 ssh-keyscan -H localhost >> "${HOME}/.ssh/known_hosts"
 
 # The permissions on the GitHub runner are 777 which will cause SSH to refuse the keys and cause authentication to fail
 chmod 755 "${HOME}"
+AIIDA_PYTEST_SSH_KEY=${HOME}/.ssh/id_rsa_aiida_pytest
diff --git a/src/aiida/tools/pytest_fixtures/orm.py b/src/aiida/tools/pytest_fixtures/orm.py
@@ -13,18 +13,26 @@
 
 @pytest.fixture(scope='session')
 def ssh_key(tmp_path_factory) -> t.Generator[pathlib.Path, None, None]:
-    """Generate a temporary SSH key pair for the test session and return the filepath of the private key.
+    """Returns a SSH key for the test session. If the environment variable ``AIIDA_PYTEST_SSH_KEY`` is set we take the
+    key from this path otherwise we generate a temporary SSH key pair for the test session and return the filepath of
+    the private key.
 
     The filepath of the public key is the same as the private key, but it adds the ``.pub`` file extension.
 
     :returns: The filepath of the generated private key.
     """
+    import os
+
+    if (ssh_key_path := os.environ.get("AIIDA_PYTEST_SSH_KEY")) is not None:
+        yield pathlib.Path(ssh_key_path)
+
     from uuid import uuid4
 
     from cryptography.hazmat.backends import default_backend as crypto_default_backend
     from cryptography.hazmat.primitives import serialization as crypto_serialization
     from cryptography.hazmat.primitives.asymmetric import rsa
 
+
     key = rsa.generate_private_key(
         backend=crypto_default_backend(),
         public_exponent=65537,