From 309418ba6ee77cf807e388b0e1f8f0897d68749e Mon Sep 17 00:00:00 2001 From: Alexander Goscinski Date: Tue, 6 Aug 2024 07:07:07 +0200 Subject: [PATCH] Devops: Allow tests to fetch key from environment variable The tests require a connection to localhost and assume usage of the default key. To allow the usage of nondefault ssh key names the environment variable `AIIDA_PYTEST_SSH_KEY` is introduced that can be used to specify the ssh key. --- .github/workflows/setup_ssh.sh | 5 +++-- src/aiida/tools/pytest_fixtures/orm.py | 10 +++++++++- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/.github/workflows/setup_ssh.sh b/.github/workflows/setup_ssh.sh index 2311f98984..58434319f6 100755 --- a/.github/workflows/setup_ssh.sh +++ b/.github/workflows/setup_ssh.sh @@ -3,9 +3,10 @@ # because localhost is used as remote address to run the tests locally. set -ev -ssh-keygen -q -t rsa -b 4096 -N "" -f "${HOME}/.ssh/id_rsa" -ssh-keygen -y -f "${HOME}/.ssh/id_rsa" >> "${HOME}/.ssh/authorized_keys" +ssh-keygen -q -t rsa -b 4096 -N "" -f "${HOME}/.ssh/id_rsa_aiida_pytest" +ssh-keygen -y -f "${HOME}/.ssh/id_rsa_aiida_pytest" >> "${HOME}/.ssh/authorized_keys" ssh-keyscan -H localhost >> "${HOME}/.ssh/known_hosts" # The permissions on the GitHub runner are 777 which will cause SSH to refuse the keys and cause authentication to fail chmod 755 "${HOME}" +AIIDA_PYTEST_SSH_KEY=${HOME}/.ssh/id_rsa_aiida_pytest diff --git a/src/aiida/tools/pytest_fixtures/orm.py b/src/aiida/tools/pytest_fixtures/orm.py index 0ed7ea18d7..e0ee6233b9 100644 --- a/src/aiida/tools/pytest_fixtures/orm.py +++ b/src/aiida/tools/pytest_fixtures/orm.py @@ -13,18 +13,26 @@ @pytest.fixture(scope='session') def ssh_key(tmp_path_factory) -> t.Generator[pathlib.Path, None, None]: - """Generate a temporary SSH key pair for the test session and return the filepath of the private key. + """Returns a SSH key for the test session. If the environment variable ``AIIDA_PYTEST_SSH_KEY`` is set we take the + key from this path otherwise we generate a temporary SSH key pair for the test session and return the filepath of + the private key. The filepath of the public key is the same as the private key, but it adds the ``.pub`` file extension. :returns: The filepath of the generated private key. """ + import os + + if (ssh_key_path := os.environ.get("AIIDA_PYTEST_SSH_KEY")) is not None: + yield pathlib.Path(ssh_key_path) + from uuid import uuid4 from cryptography.hazmat.backends import default_backend as crypto_default_backend from cryptography.hazmat.primitives import serialization as crypto_serialization from cryptography.hazmat.primitives.asymmetric import rsa + key = rsa.generate_private_key( backend=crypto_default_backend(), public_exponent=65537,