From 8ea43a4aebe513324b791500fa9462e33e52e0b5 Mon Sep 17 00:00:00 2001 From: David Dworken Date: Thu, 23 Apr 2020 14:08:46 -0700 Subject: [PATCH] Add KEYBASE_TIMEOUT configuration parameter to configure a custom timeout for interacting with the bot (#92) * Update dependency versions in order to make it possible to configure keybase timeouts In order to configure the timeouts for #91, we need to pull in the latest KB chat library which was updated here: https://github.com/keybase/go-keybase-chat-bot/pull/67 The library also changed the arg order to a function, so swapped that in our code to make everything continue to work. * Add KEYBASE_TIMEOUT configuration parameter to configure a custom timeout for interacting with the bot * Add docs for KEYBASE_TIMEOUT * Make the sleeps that are waiting for keybase to startup also wait for * make sleep time 5s, to be consistent with how KEYBASE_TIMEOUT is used elsewhere Co-authored-by: M Mou --- docker/Dockerfile-ca | 2 +- docker/entrypoint-generate.sh | 2 +- docker/entrypoint-server.sh | 2 +- docs/env.md | 13 +++++++++ go.mod | 17 ++++++++---- go.sum | 43 ++++++++++++++++++++--------- src/keybaseca/bot/bot.go | 4 +-- src/keybaseca/botwrapper/get_bot.go | 11 ++++++-- src/keybaseca/config/config.go | 35 ++++++++++++++++++++--- src/keybaseca/sshutils/sshutils.go | 2 +- src/kssh/bot.go | 4 +-- tests/envFiles/test_env_1 | 1 + 12 files changed, 103 insertions(+), 33 deletions(-) diff --git a/docker/Dockerfile-ca b/docker/Dockerfile-ca index 3377089..971ba72 100644 --- a/docker/Dockerfile-ca +++ b/docker/Dockerfile-ca @@ -8,7 +8,7 @@ RUN apk update && apk add --no-cache go curl git musl-dev gcc # build keybase binary WORKDIR /go ENV GOPATH=/go -ENV KEYBASE_VERSION=5.0.0 +ENV KEYBASE_VERSION=5.4.0 RUN go get -d github.com/keybase/client/go/keybase RUN cd src/github.com/keybase/client/go/keybase && git checkout v$KEYBASE_VERSION RUN go install -tags production github.com/keybase/client/go/keybase diff --git a/docker/entrypoint-generate.sh b/docker/entrypoint-generate.sh index 60bcdb9..e9c14b7 100755 --- a/docker/entrypoint-generate.sh +++ b/docker/entrypoint-generate.sh @@ -12,7 +12,7 @@ export "TEAMS=$TEAMS" export "KEYBASE_USERNAME=$KEYBASE_USERNAME" export "KEYBASE_PAPERKEY=$KEYBASE_PAPERKEY" nohup bash -c "KEYBASE_RUN_MODE=prod kbfsfuse /keybase | grep -v 'ERROR Mounting the filesystem failed' &" -sleep 3 +sleep ${KEYBASE_TIMEOUT:-5} keybase oneshot bin/keybaseca generate EOF diff --git a/docker/entrypoint-server.sh b/docker/entrypoint-server.sh index 64c585b..8e1e3fb 100755 --- a/docker/entrypoint-server.sh +++ b/docker/entrypoint-server.sh @@ -11,7 +11,7 @@ export "TEAMS=$TEAMS" export "KEYBASE_USERNAME=$KEYBASE_USERNAME" export "KEYBASE_PAPERKEY=$KEYBASE_PAPERKEY" nohup bash -c "KEYBASE_RUN_MODE=prod kbfsfuse /keybase | grep -v 'ERROR Mounting the filesystem failed' &" -sleep 3 +sleep ${KEYBASE_TIMEOUT:-5} keybase oneshot bin/keybaseca service EOF diff --git a/docs/env.md b/docs/env.md index e2e928c..7c9ade2 100644 --- a/docs/env.md +++ b/docs/env.md @@ -106,6 +106,19 @@ export ANNOUNCEMENT="Hello! I'm {USERNAME} and I'm an SSH bot! I'm currently lis export ANNOUNCEMENT="Hello! I'm {USERNAME} and I'm an SSH bot! Being in {CURRENT_TEAM} will grant you SSH access to certain servers. Reach out to @dworken for more information." ``` +### Timeout + +The `KEYBASE_TIMEOUT` environment specifies the number of seconds to wait for Keybase operations. If you are running +the bot on an especially slow computer (ie a Raspberry Pi) or with a high latency internet connection, you may need +to tune this. Defaults to 5 seconds. + +Examples: + +```bash +export KEYBASE_TIMEOUT="5" +export KEYBASE_TIMEOUT="15" +``` + ## Developer Options These environment variables are mainly useful for dev work. For security reasons, it is recommended always to run a diff --git a/go.mod b/go.mod index a8efd50..b3f2c80 100644 --- a/go.mod +++ b/go.mod @@ -3,11 +3,16 @@ module github.com/keybase/bot-sshca go 1.12 require ( + github.com/cpuguy83/go-md2man/v2 v2.0.0 // indirect github.com/google/uuid v1.1.1 - github.com/keybase/go-keybase-chat-bot v0.0.0-20190903135515-79c56220e558 - github.com/sirupsen/logrus v1.4.2 - github.com/stretchr/testify v1.3.0 - github.com/urfave/cli v1.21.0 - golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 - golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e // indirect + github.com/keybase/go-keybase-chat-bot v0.0.0-20200420153642-84a89a8a3623 + github.com/konsorten/go-windows-terminal-sequences v1.0.2 // indirect + github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect + github.com/sirupsen/logrus v1.5.0 + github.com/stretchr/testify v1.5.1 + github.com/urfave/cli v1.22.4 + golang.org/x/crypto v0.0.0-20200420104511-884d27f42877 + golang.org/x/sys v0.0.0-20200420163511-1957bb5e6d1f // indirect + gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f // indirect + gopkg.in/yaml.v2 v2.2.8 // indirect ) diff --git a/go.sum b/go.sum index b190af4..c92ea80 100644 --- a/go.sum +++ b/go.sum @@ -1,37 +1,54 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= +github.com/cpuguy83/go-md2man/v2 v2.0.0 h1:EoUDS0afbrsXAZ9YQ9jdu/mZ2sXgT1/2yyNng4PGlyM= +github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/keybase/go-keybase-chat-bot v0.0.0-20190903135515-79c56220e558 h1:iZ1RdFAAftDrkcuYWWNOJt+LBUo8tefd0GywewLuTqE= -github.com/keybase/go-keybase-chat-bot v0.0.0-20190903135515-79c56220e558/go.mod h1:vNc28YFzigVJod0j5EbuTtRIe7swx8vodh2yA4jZ2s8= +github.com/keybase/go-keybase-chat-bot v0.0.0-20200420153642-84a89a8a3623 h1:QN/gM9pje2q1r36STbYP+D0Qr47AKsCG/c0V7Uy0iFY= +github.com/keybase/go-keybase-chat-bot v0.0.0-20200420153642-84a89a8a3623/go.mod h1:vNc28YFzigVJod0j5EbuTtRIe7swx8vodh2yA4jZ2s8= github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/konsorten/go-windows-terminal-sequences v1.0.2 h1:DB17ag19krx9CFsz4o3enTrPXyIXCl+2iCXH/aMAp9s= +github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/sirupsen/logrus v1.4.2 h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4= -github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= +github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q= +github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo= +github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= +github.com/sirupsen/logrus v1.5.0 h1:1N5EYkVAPEywqZRJd7cwnRtCb6xJx7NH3T3WUTF980Q= +github.com/sirupsen/logrus v1.5.0/go.mod h1:+F7Ogzej0PZc/94MaYx/nvG9jOFMD2osvC3s+Squfpo= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/urfave/cli v1.21.0 h1:wYSSj06510qPIzGSua9ZqsncMmWE3Zr55KBERygyrxE= -github.com/urfave/cli v1.21.0/go.mod h1:lxDj6qX9Q6lWQxIrbrT0nwecwUtRnhVZAJjJZrVUZZQ= +github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= +github.com/urfave/cli v1.22.4 h1:u7tSpNPPswAFymm8IehJhy4uJMlUuU/GmqSkvJ1InXA= +github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 h1:HuIa8hRrWRSrqYzx1qI49NNxhdi2PrY7gxVSq1JjLDc= -golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200420104511-884d27f42877 h1:IhZPbxNd1UjBCaD5AfpSSbJTRlp+ZSuyuH5uoksNS04= +golang.org/x/crypto v0.0.0-20200420104511-884d27f42877/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d h1:+R4KGOnez64A81RvjARKc4UT5/tI9ujCIVX+P5KiHuI= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e h1:D5TXcfTk7xF7hvieo4QErS3qqCB4teTffacDWr7CI+0= -golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200420163511-1957bb5e6d1f h1:gWF768j/LaZugp8dyS4UwsslYCYz9XgFxvlgsn0n9H8= +golang.org/x/sys v0.0.0-20200420163511-1957bb5e6d1f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/src/keybaseca/bot/bot.go b/src/keybaseca/bot/bot.go index c575ae7..4791c2e 100644 --- a/src/keybaseca/bot/bot.go +++ b/src/keybaseca/bot/bot.go @@ -20,7 +20,7 @@ import ( // Get a running instance of the keybase chat API. Will use the configured credentials if necessary. func GetKBChat(conf config.Config) (*kbchat.API, error) { - return botwrapper.GetKBChat(conf.GetKeybaseHomeDir(), conf.GetKeybasePaperKey(), conf.GetKeybaseUsername()) + return botwrapper.GetKBChat(conf.GetKeybaseHomeDir(), conf.GetKeybasePaperKey(), conf.GetKeybaseUsername(), conf.GetKeybaseTimeout()) } // Get the username of the user that the keybaseca bot is running as @@ -190,7 +190,7 @@ func sendAnnouncementMessage(conf config.Config, kbc *kbchat.API) error { Teams: conf.GetTeams()}) var channel *string - _, err := kbc.SendMessageByTeamName(team, announcement, channel) + _, err := kbc.SendMessageByTeamName(team, channel, announcement) if err != nil { return err } diff --git a/src/keybaseca/botwrapper/get_bot.go b/src/keybaseca/botwrapper/get_bot.go index b052d8e..eff435b 100644 --- a/src/keybaseca/botwrapper/get_bot.go +++ b/src/keybaseca/botwrapper/get_bot.go @@ -6,12 +6,14 @@ package botwrapper // dependency cycle. import ( + "time" + "github.com/keybase/go-keybase-chat-bot/kbchat" ) // Get a running instance of the keybase chat API. Will use the supplied credentials if necessary. If possible, it // is preferred to reference the `GetKBChat` method in the `bot` package instead -func GetKBChat(keybaseHomeDir, keybasePaperKey, keybaseUsername string) (*kbchat.API, error) { +func GetKBChat(keybaseHomeDir, keybasePaperKey, keybaseUsername string, keybaseTimeout time.Duration) (*kbchat.API, error) { runOptions := kbchat.RunOptions{} if keybaseHomeDir != "" { runOptions.HomeDir = keybaseHomeDir @@ -19,5 +21,10 @@ func GetKBChat(keybaseHomeDir, keybasePaperKey, keybaseUsername string) (*kbchat if keybasePaperKey != "" && keybaseUsername != "" { runOptions.Oneshot = &kbchat.OneshotOptions{PaperKey: keybasePaperKey, Username: keybaseUsername} } - return kbchat.Start(runOptions) + api, err := kbchat.Start(runOptions) + if err != nil { + return nil, err + } + api.Timeout = keybaseTimeout + return api, nil } diff --git a/src/keybaseca/config/config.go b/src/keybaseca/config/config.go index d044a6e..a281d58 100644 --- a/src/keybaseca/config/config.go +++ b/src/keybaseca/config/config.go @@ -4,7 +4,9 @@ import ( "fmt" "io/ioutil" "os" + "strconv" "strings" + "time" "github.com/keybase/bot-sshca/src/keybaseca/constants" @@ -29,11 +31,18 @@ type Config interface { GetStrictLogging() bool GetAnnouncement() string DebugString() string + GetKeybaseTimeout() time.Duration } // Validate the given config file. If offline, do so without connecting to keybase (used in code that is meant // to function without any reliance on Keybase). func ValidateConfig(conf EnvConfig, offline bool) error { + if conf.getKeybaseTimeout() != "" { + _, err := strconv.Atoi(conf.getKeybaseTimeout()) + if err != nil { + return fmt.Errorf("failed to validate KEYBASE_TIMEOUT, value is not an integer: %v", err) + } + } if len(conf.GetTeams()) == 0 { return fmt.Errorf("must specify at least one team via the TEAMS environment variable") } @@ -70,7 +79,7 @@ func ValidateConfig(conf EnvConfig, offline bool) error { return fmt.Errorf("you must set set a paper key if you set a username (username='%s', key='%s')", conf.GetKeybaseUsername(), conf.GetKeybasePaperKey()) } if !offline { - err := validateUsernamePaperkey(conf.GetKeybaseHomeDir(), conf.GetKeybaseUsername(), conf.GetKeybasePaperKey()) + err := validateUsernamePaperkey(conf.GetKeybaseHomeDir(), conf.GetKeybaseUsername(), conf.GetKeybasePaperKey(), conf.GetKeybaseTimeout()) if err != nil { return fmt.Errorf("failed to validate KEYBASE_USERNAME and KEYBASE_PAPERKEY: %v", err) } @@ -80,8 +89,8 @@ func ValidateConfig(conf EnvConfig, offline bool) error { return nil } -func validateUsernamePaperkey(homedir, username, paperkey string) error { - api, err := botwrapper.GetKBChat(homedir, username, paperkey) +func validateUsernamePaperkey(homedir, username, paperkey string, keybaseTimeout time.Duration) error { + api, err := botwrapper.GetKBChat(homedir, username, paperkey, keybaseTimeout) if err != nil { return err } @@ -98,7 +107,7 @@ func validateUsernamePaperkey(homedir, username, paperkey string) error { // Validates the given teamName and channelName to determine whether or not the given channelName is the name // of a channel inside the given team. Returns nil if everything validates. func validateChannel(conf Config, teamName string, channelName string) error { - api, err := botwrapper.GetKBChat(conf.GetKeybaseHomeDir(), conf.GetKeybasePaperKey(), conf.GetKeybaseUsername()) + api, err := botwrapper.GetKBChat(conf.GetKeybaseHomeDir(), conf.GetKeybasePaperKey(), conf.GetKeybaseUsername(), conf.GetKeybaseTimeout()) if err != nil { return err } @@ -256,6 +265,24 @@ func (ef *EnvConfig) GetAnnouncement() string { return os.Getenv("ANNOUNCEMENT") } +// Get the timeout for interacting with Keybase specified as a string. May be empty. +func (ef *EnvConfig) getKeybaseTimeout() string { + return os.Getenv("KEYBASE_TIMEOUT") +} + +// Get the timeout for interacting with Keybase as a time.Duration. Defaults to 5 seconds. +func (ef *EnvConfig) GetKeybaseTimeout() time.Duration { + timeoutStr := ef.getKeybaseTimeout() + if timeoutStr == "" { + return 5 * time.Second + } + timeoutInt, err := strconv.Atoi(timeoutStr) + if err != nil { + panic("Found non-int in the keybase timeout field! This should never happen due to config validation...") + } + return time.Duration(timeoutInt) * time.Second +} + // Dump this EnvConfig to a string for debugging purposes func (ef *EnvConfig) DebugString() string { return fmt.Sprintf("CAKeyLocation='%s'; KeybaseHomeDir='%s'; KeybasePaperKey='%s'; KeybaseUsername='%s'; "+ diff --git a/src/keybaseca/sshutils/sshutils.go b/src/keybaseca/sshutils/sshutils.go index b0ae033..3f2b4a3 100644 --- a/src/keybaseca/sshutils/sshutils.go +++ b/src/keybaseca/sshutils/sshutils.go @@ -156,7 +156,7 @@ func SignKey(caKeyLocation, keyID, principals, expiration, publicKey string) (si // attacker would be able to provision SSH keys for environments that they should not have access to. func getPrincipals(conf config.Config, sr shared.SignatureRequest) (string, error) { // Start by getting the list of teams the user is in - api, err := botwrapper.GetKBChat(conf.GetKeybaseHomeDir(), conf.GetKeybasePaperKey(), conf.GetKeybaseUsername()) + api, err := botwrapper.GetKBChat(conf.GetKeybaseHomeDir(), conf.GetKeybasePaperKey(), conf.GetKeybaseUsername(), conf.GetKeybaseTimeout()) if err != nil { return "", fmt.Errorf("failed to retrieve the list of teams the user is in: %v", err) } diff --git a/src/kssh/bot.go b/src/kssh/bot.go index 66d1f3f..59371e3 100644 --- a/src/kssh/bot.go +++ b/src/kssh/bot.go @@ -48,7 +48,7 @@ func GetSignedKey(config ConfigFile, request shared.SignatureRequest) (shared.Si default: } - _, err = kbc.SendMessageByTeamName(config.TeamName, shared.GenerateAckRequest(kbc.GetUsername()), getChannel(config)) + _, err = kbc.SendMessageByTeamName(config.TeamName, getChannel(config), shared.GenerateAckRequest(kbc.GetUsername())) if err != nil { fmt.Printf("Failed to send AckRequest: %v\n", err) } @@ -86,7 +86,7 @@ func GetSignedKey(config ConfigFile, request shared.SignatureRequest) (shared.Si if err != nil { return empty, err } - _, err = kbc.SendMessageByTeamName(config.TeamName, shared.SignatureRequestPreamble+string(marshaledRequest), getChannel(config)) + _, err = kbc.SendMessageByTeamName(config.TeamName, getChannel(config), shared.SignatureRequestPreamble+string(marshaledRequest)) if err != nil { return empty, err } diff --git a/tests/envFiles/test_env_1 b/tests/envFiles/test_env_1 index 9d17ede..bb1c1ea 100644 --- a/tests/envFiles/test_env_1 +++ b/tests/envFiles/test_env_1 @@ -8,3 +8,4 @@ export KEYBASE_USERNAME="$BOT_USERNAME" export CHAT_CHANNEL="$SUBTEAM.ssh#ssh-provision" export CA_KEY_LOCATION="/shared/keybase-ca-key" export ANNOUNCEMENT='Hello my name is {USERNAME}. This is {CURRENT_TEAM} and the configured teams are {TEAMS}' +export KEYBASE_TIMEOUT='10' \ No newline at end of file