Merge pull request #20 from dodopizza/sre-remova-scaleft-6419620

#6419620 remove sft, add az ssh, minor updates
dodopizza · Sep 26, 2022 · bcd708b · bcd708b
2 parents 47ac738 + 3d9d794
commit bcd708b
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 70 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -62,11 +62,14 @@ RUN    ( pip install 'ansible=='   || true ) \
 
 ## azure-cli
 RUN dnf install -y gcc \
-    && pip --no-cache-dir install 'azure-cli==2.12.1' \
+    && pip --no-cache-dir install 'azure-cli==2.40.0' \
     && dnf remove -y gcc
 
+## azure cli ssh extension
+RUN az extension add --name ssh
+
 ## azure kubernetes client
-RUN az aks install-cli
+RUN az aks install-cli --client-version 1.23.5
 
 ## ansible
 RUN pip --no-cache-dir install \
@@ -97,6 +100,9 @@ COPY bin/az-mysqlpump /usr/local/bin/
 RUN dnf install -y \
     https://github.com/maxbube/mydumper/releases/download/v0.10.7-2/mydumper-0.10.7-2.el8.x86_64.rpm
 
+## ps tool
+RUN dnf install procps -y
+
 ## docker-client for dind
 RUN dnf config-manager \
     --add-repo https://download.docker.com/linux/centos/docker-ce.repo \
@@ -106,15 +112,6 @@ RUN dnf config-manager \
 ## docker-compose for dind
 RUN pip install docker-compose
 
-## packer (hashicorp-packer)
-## https://github.com/hashicorp/packer/releases
-## issue: https://github.com/cracklib/cracklib/issues/7
-RUN packer_version=1.7.10 \
-    && curl -o /tmp/packer.zip https://releases.hashicorp.com/packer/${packer_version}/packer_${packer_version}_linux_amd64.zip \
-    && unzip /tmp/packer.zip -d /tmp/ \
-    && mv -f /tmp/packer /usr/bin/hashicorp-packer \
-    && rm -f /tmp/packer.zip
-
 ## helm 3
 RUN cd /tmp/ \
     && curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
@@ -152,26 +149,16 @@ RUN cd /tmp/ \
 
 ## terraform
 ## https://releases.hashicorp.com/terraform
-RUN terraform_version=1.1.6 \
+RUN terraform_version=1.1.8 \
     && curl -o /tmp/terraform.zip https://releases.hashicorp.com/terraform/${terraform_version}/terraform_${terraform_version}_linux_amd64.zip \
     && unzip /tmp/terraform.zip -d /usr/bin/ \
     && rm -f /tmp/terraform.zip
 
-## scaleft client
-RUN curl -C - https://pkg.scaleft.com/scaleft_yum.repo | tee /etc/yum.repos.d/scaleft.repo \
-    && yes | rpm --import https://dist.scaleft.com/pki/scaleft_rpm_key.asc \
-    && dnf install -y scaleft-client-tools.x86_64 \
-    && dnf install -y openssh-clients sshpass \
-    && dnf install -y sudo \
-    && dnf clean all \
-    && mkdir /root/.ssh && sft ssh-config > /root/.ssh/config \
-    && ln -s /usr/bin/sft /usr/local/bin/sft
-
 ## ghost-tool from dodopizza/sre-toolchain
 COPY bin/ghost-tool.sh  /usr/bin/ghost-tool
 RUN  ln -s /usr/bin/ghost-tool /usr/bin/gh-ost-tool
 
-## scaleft user forwarding from host machine to container
+## entrypoint
 COPY  scripts/docker-entrypoint.sh /
 ENTRYPOINT ["/docker-entrypoint.sh"]
 CMD ["/bin/bash"]

diff --git a/README.MD b/README.MD
@@ -26,16 +26,6 @@ To login to dodo infrastructure just type:
 dodo-login
 ```
 
-To forward current service user onto the container (sftd required):
-
-```bash
-...
--e "SFT_USER_ID=$(id -u)"
--e "SFT_USER_NAME=$(id -un)"
--v /var/run/sftd/management.sock:/var/run/sftd/management.sock
-...
-```
-
 ## Usage for Linux/OS X
 
 To use convenient command line function (dodo-centos), add following code to ~/.bashrc (bash) or ~/.zshrc (zsh)
@@ -135,7 +125,6 @@ tags:
   - innotop
   - Terraform
   - packer
-  - sft
   - az-mysqlpump
   - Docker
   - docker-compose

diff --git a/scripts/bash-aliases.sh b/scripts/bash-aliases.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-alias dodo-login="az login && sft enroll && sft login"
+alias dodo-login="az login"
 alias k="kubectl"
 
 function kubectx(){

diff --git a/scripts/docker-entrypoint.sh b/scripts/docker-entrypoint.sh
@@ -1,37 +1,6 @@
 #!/bin/bash
 set -eu
 
-# For ScaleFT Host machine user mapping
-#   scaleft user forwarding:
-#     docker run \
-#       -e "SFT_USER_ID=$(id -u)" \
-#       -e "SFT_USER_NAME=$(id -un)" \
-#       -v /var/run/sftd/management.sock:/var/run/sftd/management.sock
-#       ..
-#
-
 ## Default entrypoint
-if [ -z ${SFT_USER_NAME:-''} ]; then
-  exec "$@"
-  exit $?
-fi
-
-## For scaleft user forwarding from host machine to container
-echo "Preparing local sft user ${SFT_USER_NAME} with id ${SFT_USER_ID}"
-useradd -u ${SFT_USER_ID} -g root ${SFT_USER_NAME} \
-&& echo "${SFT_USER_NAME}" | passwd --stdin ${SFT_USER_NAME} \
-&& echo "${SFT_USER_NAME} ALL=NOPASSWD:ALL" | EDITOR='tee -a' visudo \
-|| true
-
-su -l ${SFT_USER_NAME} -c "
-  whoami
-  install -d ~/.ssh/
-  sft ssh-config > ~/.ssh/config
-  sft config service_auth.enable true >/dev/null
-"
-
-if [ $# -gt 0 ]; then
-  su -l ${SFT_USER_NAME} -c "$@"
-else
-  su -l ${SFT_USER_NAME}
-fi
+exec "$@"
+exit $?
diff --git a/scripts/version-info.sh b/scripts/version-info.sh
@@ -19,9 +19,8 @@ mydumper --version
 ghost-tool --version
 innotop --version
 terraform --version
-echo -n "packer (hashicorp-packer): " && hashicorp-packer --version
-sft --version
 az-mysqlpump --version
+ps --version
 docker --version
 docker-compose --version
 echo -n "helm: " && helm version --client --short