From b2e87ef03813c9e558f0cccd98a4f2747f68461e Mon Sep 17 00:00:00 2001
From: Garrett Delfosse
Date: Fri, 26 Apr 2024 18:34:15 +0000
Subject: [PATCH] feat: Add github-upload-public-key module
---
github-upload-public-key/main.tf | 27 ++++++++++++++
github-upload-public-key/run.sh | 64 ++++++++++++++++++++++++++++++++
2 files changed, 91 insertions(+)
create mode 100644 github-upload-public-key/main.tf
create mode 100755 github-upload-public-key/run.sh
diff --git a/github-upload-public-key/main.tf b/github-upload-public-key/main.tf
new file mode 100644
index 0000000..f06b055
--- /dev/null
+++ b/github-upload-public-key/main.tf
@@ -0,0 +1,27 @@
+terraform {
+ required_version = ">= 1.0"
+
+ required_providers {
+ coder = {
+ source = "coder/coder"
+ version = ">= 0.12"
+ }
+ }
+}
+
+variable "agent_id" {
+ type = string
+ description = "The ID of a Coder agent."
+}
+
+resource "coder_script" "github_upload_public_key" {
+ agent_id = var.agent_id
+ script = templatefile("${path.module}/run.sh", {
+ CODER_OWNER_SESSION_TOKEN : data.coder_workspace.me.owner_session_token,
+ CODER_ACCESS_URL : data.coder_workspace.me.access_url
+ })
+ display_name = "Github Upload Public Key"
+ icon = "/icon/github.svg"
+ run_on_start = true
+ start_blocks_login = true
+}
\ No newline at end of file
diff --git a/github-upload-public-key/run.sh b/github-upload-public-key/run.sh
new file mode 100755
index 0000000..8ea4a74
--- /dev/null
+++ b/github-upload-public-key/run.sh
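Review bot: `data.coder_workspace.me` is read in the `templatefile` arguments, but no `data "coder_workspace" "me"` block appears in the 27 added lines of this new file, so the module should fail validation with an undeclared-reference error; add `data "coder_workspace" "me" {}` above the resource. Separately, `owner_session_token` is rendered into the script text itself, so the rendered script carries a live credential wherever it is stored or logged (presumably Terraform state and the agent's script metadata). A comment on the `coder_script` resource stating that, and why it is accepted here, would help the next reviewer.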
@@ -0,0 +1,64 @@
+#!/usr/bin/env bash
+
+set -e
+
+CODER_ACCESS_URL="${CODER_ACCESS_URL}"
+CODER_OWNER_SESSION_TOKEN="${CODER_OWNER_SESSION_TOKEN}"
+
+if [ -z "$CODER_ACCESS_URL" ]; then
+ echo "No coder access url specified!"
+ exit 1
+fi
+
+if [ -z "$CODER_OWNER_SESSION_TOKEN" ]; then
+ echo "No coder owner session token specified!"
+ exit 1
+fi
+
+if [ -z "$GITHUB_TOKEN" ]; then
+ echo "No GITHUB_TOKEN in the workspace environment!"
+ exit 1
+fi
+
+PUBLIC_KEY_NAME="$CODER_ACCESS_URL Workspaces"
+
+echo "Fetching Coder public SSH key..."
+PUBLIC_KEY=$(curl "$CODER_ACCESS_URL/api/v2/users/me/gitsshkey" \
+ -H 'accept: application/json' \
+ -H "cookie: coder_session_token=$CODER_OWNER_SESSION_TOKEN" \
+ --fail \
+ -s \
+ | jq -r '.public_key'
+)
+
+if [ -z "$PUBLIC_KEY" ]; then
+ echo "No Coder public SSH key found!"
+ exit 1
+fi
+
+echo "Fetching GitHub public SSH keys..."
+GITHUB_MATCH=$(curl \
+ -H "Accept: application/vnd.github+json" \
+ -H "Authorization: Bearer $GITHUB_TOKEN" \
+ -H "X-GitHub-Api-Version: 2022-11-28" \
+ --fail \
+ -s \
+ https://api.github.com/user/keys \
+ | jq -r --arg PUBLIC_KEY "$PUBLIC_KEY" '.[] | select(.key == $PUBLIC_KEY) | .key'
+)
+
+if [ "$PUBLIC_KEY" = "$GITHUB_MATCH" ]; then
+ echo "Coder public SSH key is already uploaded to GitHub!"
+ exit 0
+fi
+echo "Coder public SSH key not found in GitHub keys!"
+echo "Uploading Coder public SSH key to GitHub..."
+curl -L \
+ -X POST \
+ -H "Accept: application/vnd.github+json" \
+ -H "Authorization: Bearer $GITHUB_TOKEN" \
+ -H "X-GitHub-Api-Version: 2022-11-28" \
+ https://api.github.com/user/keys \
+ -d "{\"title\":\"$PUBLIC_KEY_NAME\",\"key\":\"$PUBLIC_KEY\"}"
+
+echo "Coder public SSH key uploaded to GitHub!"
\ No newline at end of file
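Review bot: The final upload `curl` has no `--fail`, so a 401 or 422 from GitHub still exits 0 and the script prints "Coder public SSH key uploaded to GitHub!" for a key that was never added. Its request body is also assembled by string interpolation, so a quote or backslash in `$PUBLIC_KEY_NAME` or `$PUBLIC_KEY` produces malformed or altered JSON; `jq`, which the script already depends on, can build the body safely. Both fetch pipelines end in `jq`, so under plain `set -e` a failed `curl --fail` is masked. A failed key listing leaves `GITHUB_MATCH` empty and falls through to the upload, which `set -eo pipefail` at the top would stop. A suggested rewrite of the upload step follows.

```shell
# … unchanged: input checks, Coder key fetch, GitHub key lookup …
echo "Uploading Coder public SSH key to GitHub..."
jq -n --arg title "$PUBLIC_KEY_NAME" --arg key "$PUBLIC_KEY" \
  '{title: $title, key: $key}' \
  | curl -L \
    -X POST \
    -H "Accept: application/vnd.github+json" \
    -H "Authorization: Bearer $GITHUB_TOKEN" \
    -H "X-GitHub-Api-Version: 2022-11-28" \
    --fail \
    -sS \
    --data-binary @- \
    https://api.github.com/user/keys
```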