From 780ab9729074af82278395764541120203d4452c Mon Sep 17 00:00:00 2001 From: Matej Focko Date: Fri, 10 May 2024 17:36:12 +0200 Subject: [PATCH 1/3] secrets(ssh): configure GitLab SSH Fixes packit/packit-service#2425 Signed-off-by: Matej Focko --- secrets/packit/prod/ssh_config | 7 +++++++ secrets/packit/stg/ssh_config | 7 +++++++ 2 files changed, 14 insertions(+) diff --git a/secrets/packit/prod/ssh_config b/secrets/packit/prod/ssh_config index b361bf2..f8f60fd 100644 --- a/secrets/packit/prod/ssh_config +++ b/secrets/packit/prod/ssh_config @@ -3,3 +3,10 @@ Host pkgs.fedoraproject.org User packit IdentityFile /home/packit/.ssh/id_ed25519 IdentitiesOnly yes + +# Used for the CentOS and CentOS SIGs' dist git repositories +Host gitlab.com + Hostname gitlab.com + User git + IdentityFile /home/packit/.ssh/id_ed25519 + IdentitiesOnly yes diff --git a/secrets/packit/stg/ssh_config b/secrets/packit/stg/ssh_config index 1b6bff4..3ac5fda 100644 --- a/secrets/packit/stg/ssh_config +++ b/secrets/packit/stg/ssh_config @@ -3,3 +3,10 @@ Host pkgs.fedoraproject.org User packit-stg IdentityFile /home/packit/.ssh/id_ed25519 IdentitiesOnly yes + +# Used for the CentOS and CentOS SIGs' dist git repositories +Host gitlab.com + Hostname gitlab.com + User git + IdentityFile /home/packit/.ssh/id_ed25519 + IdentitiesOnly yes From 9c293000b293bdb4d60d1f5b441e5eafd2e76a02 Mon Sep 17 00:00:00 2001 From: Matej Focko Date: Fri, 10 May 2024 17:37:39 +0200 Subject: [PATCH 2/3] style(secrets/ssh): reorder lines MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit cause OCD… Signed-off-by: Matej Focko --- secrets/packit/prod/ssh_config | 10 ++++++---- secrets/packit/stg/ssh_config | 10 ++++++---- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/secrets/packit/prod/ssh_config b/secrets/packit/prod/ssh_config index f8f60fd..278dcc8 100644 --- a/secrets/packit/prod/ssh_config +++ b/secrets/packit/prod/ssh_config @@ -1,12 +1,14 @@ Host pkgs.fedoraproject.org - Hostname pkgs.fedoraproject.org User packit - IdentityFile /home/packit/.ssh/id_ed25519 + Hostname pkgs.fedoraproject.org + IdentitiesOnly yes + IdentityFile /home/packit/.ssh/id_ed25519 # Used for the CentOS and CentOS SIGs' dist git repositories Host gitlab.com - Hostname gitlab.com User git - IdentityFile /home/packit/.ssh/id_ed25519 + Hostname gitlab.com + IdentitiesOnly yes + IdentityFile /home/packit/.ssh/id_ed25519 diff --git a/secrets/packit/stg/ssh_config b/secrets/packit/stg/ssh_config index 3ac5fda..f7e3eec 100644 --- a/secrets/packit/stg/ssh_config +++ b/secrets/packit/stg/ssh_config @@ -1,12 +1,14 @@ Host pkgs.fedoraproject.org - Hostname pkgs.fedoraproject.org User packit-stg - IdentityFile /home/packit/.ssh/id_ed25519 + Hostname pkgs.fedoraproject.org + IdentitiesOnly yes + IdentityFile /home/packit/.ssh/id_ed25519 # Used for the CentOS and CentOS SIGs' dist git repositories Host gitlab.com - Hostname gitlab.com User git - IdentityFile /home/packit/.ssh/id_ed25519 + Hostname gitlab.com + IdentitiesOnly yes + IdentityFile /home/packit/.ssh/id_ed25519 From c07e2d1062d6baca5b9d5c28f427a08a334cbcec Mon Sep 17 00:00:00 2001 From: Matej Focko Date: Fri, 10 May 2024 17:38:29 +0200 Subject: [PATCH 3/3] =?UTF-8?q?chore(git):=20ignore=20=E2=80=B9dev?= =?UTF-8?q?=E2=80=BA=20secrets?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 1. Don't spam the ‹git status› with temporary / testing secrets 2. Avoid accidentally leaking actual secrets that may be linked or copied to the “development” deployment Signed-off-by: Matej Focko --- .gitignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitignore b/.gitignore index bb65b58..9f1e595 100644 --- a/.gitignore +++ b/.gitignore @@ -13,5 +13,8 @@ secrets/fedora-source-git/stg/* !secrets/**/*.j2 !secrets/**/ssh_config +# Ignore any ‹dev› secrets +secrets/*/dev/* + # used in move_stable script move_stable_repositories