Page MenuHomeDevCentral

ZR destroy key information when conduit doesn't answer
Open, Needs TriagePublic

Description

Zemke-Rhyne is a small bridge between Phabricator and our servers to fetch credentials stored on DevCentral.

The Docker servers have the right to connect through SSH to a special account on a specific server (currently Ysul) with keys stored here too.

There is a script to generate the SSH authorized_files with those keys (and metadata like the IP of the server matching this key).

Reproduce steps:

While Phabricator can't answer (e.g. because Phabricator container is down):

  1. Go to Ysul, switch to zr account
  2. make clean all

Expected result:

  • any error handling (e.g. an exception thrown)
  • it doesn't recreate the .ssh/authorized_files (or creates it as a blank file)

Actual result: It silently creates the file .ssh/authorized_files without raising any warning, without key.

Fix

Fix to implement in rZR:

Event Timeline

dereckson updated the task description. (Show Details)
dereckson added a project: easy.
dereckson moved this task from Backlog to Dev on the easy board.
dereckson updated the task description. (Show Details)