From 6ec78f09fd14c38a6d864bf9911a67750e0f7a0f Mon Sep 17 00:00:00 2001 From: yeti Date: Fri, 18 Apr 2025 08:31:42 +0100 Subject: [PATCH] feat: pull the image from root repo if not available locally --- ssh_router.sh | 38 ++++++++++++++++++++++++++++++++++---- 1 file changed, 34 insertions(+), 4 deletions(-) diff --git a/ssh_router.sh b/ssh_router.sh index 0559c7c..05ce58b 100755 --- a/ssh_router.sh +++ b/ssh_router.sh @@ -2,7 +2,7 @@ PERSON="$1" WORKSPACE="$SSH_ORIGINAL_COMMAND" -IMAGE="analytics-backend-workspace" # change to match your setup +IMAGE="localhost:5100/analytics-backend-workspace:latest" TMUX_SESSION="$WORKSPACE|analytics-backend" DEV_USER="devuser" @@ -10,11 +10,29 @@ log() { echo "[$(date '+%Y-%m-%d %H:%M:%S')] $*" } -if [[ ! "$WORKSPACE" =~ ^[a-zA-Z0-9._-]+$ ]]; then - log "❌ Invalid container name: $WORKSPACE" - exit 1 +# Log access +log "[SSH] $USER connected with command: $SSH_ORIGINAL_COMMAND" >>/home/infilytics/ssh-router.log + +# Check if image exists locally +if ! podman image exists "$IMAGE"; then + log "📦 Image $IMAGE not found locally. Pulling from registry..." + + # Attempt to pull the image from the local registry (insecure HTTP) + if ! podman pull --tls-verify=false "$IMAGE"; then + log "❌ Failed to pull image from $IMAGE" + exit 1 + fi + + log "✅ Successfully pulled $IMAGE" fi +case "$SSH_ORIGINAL_COMMAND" in +*scp* | *sftp* | *rsync* | *tar*) + log "❌ File transfers are disabled" + exit 1 + ;; +esac + # Function to start the container if not running start_container_if_needed() { if ! podman container exists "$WORKSPACE"; then @@ -55,6 +73,18 @@ get_access_mode_and_session() { local workspace="$1" local person="$2" + # If workspace is empty, use person's name + if [[ -z "$workspace" ]]; then + WORKSPACE="$person" + echo "access=rw" + return 0 + fi + + if [[ ! "$workspace" =~ ^[a-zA-Z0-9._-]+$ ]]; then + log "❌ Invalid container name: $WORKSPACE" + exit 1 + fi + # Special case: user accessing their own workspace if [[ "$workspace" == "$person" ]]; then echo "access=rw"