diff options
author | Maximilian Bosch <maximilian@mbosch.me> | 2024-10-12 23:42:59 +0200 |
---|---|---|
committer | Maximilian Bosch <maximilian@mbosch.me> | 2024-10-14 06:01:18 +0000 |
commit | 4682e40183b86972e5a1ef8f17e5366b9b3a8b2c (patch) | |
tree | ff9fd4814236884808699f2cc422c9bca75d58f3 /tests/nixos | |
parent | 326cbecb61d42ce73caa391cdcb21acb2581bf7c (diff) |
ssh-ng: better way to keep SSH errors visible
A better fix than in 104448e75d87d03d2fb0b4ac96d4da72e1dae50d, hence a
revert + the fix.
It turns out that this commit has the side-effect that when having e.g.
`StrictHostKeyChecking=accept-new` for a remote builder, the warnings à la
Warning: Permanently added 'builder' (ED25519) to the list of known hosts.
actually end up in the derivation's log whereas hostkey verification
errors don't, but only in the stderr of the `nix-build` invocation
(which was the motivation for the patch).
This change writes the stderr from the build-hook to
* the daemon's stderr, so that the SSH errors appear in the journal
(which was the case before 104448e75d87d03d2fb0b4ac96d4da72e1dae50d)
* the client's stderr, as a log message
* NOT to the drv log (this is handled via `handleJSONLogMessage`)
I tried to fix the issue for legacy-ssh as well, but failed and
ultimately decided to not bother.
I know that we'll sooner or later replace the entire component, however
this is the part of the patch I have working for a while, so I figured I
might still submit it for the time being.
Change-Id: I21ca1aa0d8ae281d2eacddf26e0aa825272707e5
Diffstat (limited to 'tests/nixos')
-rw-r--r-- | tests/nixos/remote-builds-ssh-ng.nix | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/tests/nixos/remote-builds-ssh-ng.nix b/tests/nixos/remote-builds-ssh-ng.nix index 8deb9a504..ec12f9066 100644 --- a/tests/nixos/remote-builds-ssh-ng.nix +++ b/tests/nixos/remote-builds-ssh-ng.nix @@ -97,7 +97,8 @@ in builder.wait_for_unit("sshd.service") out = client.fail("nix-build ${expr nodes.client 1} 2>&1") - assert "error: failed to start SSH connection to 'root@builder': Host key verification failed" in out, f"No host verification error in {out}" + assert "Host key verification failed." in out, f"No host verification error:\n{out}" + assert "warning: SSH to 'root@builder' failed, stdout first line: '''" in out, f"No details about which host:\n{out}" client.succeed(f"ssh -o StrictHostKeyChecking=no {builder.name} 'echo hello world' >&2") |