triggers: gen ssh keypair outside of activate()
This keeps the private key from ever being exposed to the client.
This commit is contained in:
Jimmy Zelinskie
parent
93a9e9d01a
commit
e6a7156657
2 changed files with 5 additions and 3 deletions
|
|
@ -525,9 +525,7 @@ class GitHubBuildTrigger(BuildTrigger):
|
|||
msg = 'Unable to find GitHub repository for source: %s' % new_build_source
|
||||
raise TriggerActivationException(msg)
|
||||
|
||||
# Generate an SSH keypair and add the public key to the repository.
|
||||
# TODO(jzelinskie): don't put this in the config! it's not secure!
|
||||
config['public_key'], config['private_key'] = generate_ssh_keypair()
|
||||
# Add a deploy key to the GitHub repository.
|
||||
try:
|
||||
deploy_key = gh_repo.create_key('Quay.io Builder', config['public_key'])
|
||||
config['deploy_key_id'] = deploy_key.id
|
||||
|
|
|
|||
Reference in a new issue