Merge pull request #8 from starkandwayne/Remove-HostKey-Check-Default

Remove host key check default
egen · Dec 7, 2022 · fbba27d · fbba27d
2 parents 26b4240 + eebbeff
commit fbba27d
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 13 deletions.
diff --git a/README.md b/README.md
@@ -39,6 +39,7 @@ $cf create-service config-server default test-service -c "whatever json configur
 
 ## History ##
 
+* v1.1.0 - Added default settings for the hostKey to not be needed by defaut for CloudFoundry instances
 * v1.0.0 - Full release with support for SR Actuators
 * v0.0.5 - Services as configurable objects
 * v0.0.4 - Now with configurable package names

diff --git a/VERSION b/VERSION
@@ -0,0 +1 @@
+1.1.0
diff --git a/broker/update_app_environment.go b/broker/update_app_environment.go
@@ -12,16 +12,21 @@ import (
 // Updates the app enviornment variables for creating or updating an instance.
 func (broker *SCSBroker) UpdateAppEnvironment(cfClient *ccv3.Client, app *ccv3.Application, info *ccv3.Info, kind string, instanceId string, jsonparams string, params map[string]string) error {
 
+	var hostKeySetSSH bool = false
 	var profiles []string
+	envVarToSet := make(ccv3.EnvironmentVariables)
 	for key, value := range params {
-		_, _, err := cfClient.UpdateApplicationEnvironmentVariables(app.GUID, ccv3.EnvironmentVariables{
-			key: *types.NewFilteredString(value),
-		})
+
+		envVarToSet[key] = *types.NewFilteredString(value)
 
 		if key == "SPRING_CLOUD_CONFIG_SERVER_GIT_URI" {
 			profiles = append(profiles, "git")
 		}
 
+		if key == "SPRING_CLOUD_CONFIG_SERVER_GIT_HOSTKEY" {
+			hostKeySetSSH = true
+		}
+
 		if key == "SPRING_CLOUD_CONFIG_SERVER_VAULT_HOST" {
 			profiles = append(profiles, "vault")
 		}
@@ -34,9 +39,6 @@ func (broker *SCSBroker) UpdateAppEnvironment(cfClient *ccv3.Client, app *ccv3.A
 			profiles = append(profiles, "credhub")
 		}
 
-		if err != nil {
-			return err
-		}
 	}
 
 	var profileString strings.Builder
@@ -48,13 +50,21 @@ func (broker *SCSBroker) UpdateAppEnvironment(cfClient *ccv3.Client, app *ccv3.A
 		}
 	}
 
-	_, _, err := cfClient.UpdateApplicationEnvironmentVariables(app.GUID, ccv3.EnvironmentVariables{
-		"SPRING_APPLICATION_JSON": *types.NewFilteredString(jsonparams),
-		"JWK_SET_URI":             *types.NewFilteredString(fmt.Sprintf("%v/token_keys", info.UAA())),
-		"SKIP_SSL_VALIDATION":     *types.NewFilteredString(strconv.FormatBool(broker.Config.CfConfig.SkipSslValidation)),
-		"REQUIRED_AUDIENCE":       *types.NewFilteredString(fmt.Sprintf("%s.%v", kind, instanceId)),
-		"SPRING_PROFILES_ACTIVE":  *types.NewFilteredString(profileString.String()),
-	})
+	envVarToSet["SPRING_CLOUD_CONFIG_SERVER_GIT_IGNORELOCALSSHSETTINGS"] = *types.NewFilteredString("true")
+
+	if !hostKeySetSSH {
+		envVarToSet["SPRING_CLOUD_CONFIG_SERVER_GIT_STRICTHOSTKEYCHECKING"] = *types.NewFilteredString("false")
+	} else {
+		envVarToSet["SPRING_CLOUD_CONFIG_SERVER_GIT_STRICTHOSTKEYCHECKING"] = *types.NewFilteredString("true")
+	}
+
+	envVarToSet["SPRING_APPLICATION_JSON"] = *types.NewFilteredString(jsonparams)
+	envVarToSet["JWK_SET_URI"] = *types.NewFilteredString(fmt.Sprintf("%v/token_keys", info.UAA()))
+	envVarToSet["SKIP_SSL_VALIDATION"] = *types.NewFilteredString(strconv.FormatBool(broker.Config.CfConfig.SkipSslValidation))
+	envVarToSet["REQUIRED_AUDIENCE"] = *types.NewFilteredString(fmt.Sprintf("%s.%v", kind, instanceId))
+	envVarToSet["SPRING_PROFILES_ACTIVE"] = *types.NewFilteredString(profileString.String())
+
+	_, _, err := cfClient.UpdateApplicationEnvironmentVariables(app.GUID, envVarToSet)
 	if err != nil {
 		return err
 	}