From 7d3705dc523ceb3ea311c558c2fe434f85a9c810 Mon Sep 17 00:00:00 2001 From: Dale Anderson Date: Thu, 11 Sep 2025 11:37:29 -0700 Subject: [PATCH] Fix a few issues with key setup * let curl follow redirects - if requesting /jdoe.keys, but the gitlab username is actually jDoe (with mixed case), gitlab will redirect the request to the correct case (add -L to curl) * only ever return public keys (grep for ^ssh) * make sure the command fails if the server responds with something other than 2xx (add --fail to curl) --- scripts/deployables/acro-add-user.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/deployables/acro-add-user.sh b/scripts/deployables/acro-add-user.sh index 701243f..ea13081 100755 --- a/scripts/deployables/acro-add-user.sh +++ b/scripts/deployables/acro-add-user.sh @@ -295,8 +295,8 @@ function main() { debug "EXTERNAL_KEYS_URL: $EXTERNAL_KEYS_URL" debug "EXTERNAL_KEYS_FILE: $EXTERNAL_KEYS_FILE" - if ! (curl -sS "$EXTERNAL_KEYS_URL" > "$EXTERNAL_KEYS_FILE"); then - err "Curl command failed: 'curl -sS $EXTERNAL_KEYS_URL'" + if ! (curl -sSL --fail "$EXTERNAL_KEYS_URL" | grep '^ssh' > "$EXTERNAL_KEYS_FILE"); then + err "Curl command failed: 'curl -sSL --fail $EXTERNAL_KEYS_URL'" cerr "Result:" >&2 cat "$EXTERNAL_KEYS_FILE" return 1