Closed PeterJCLaw closed 2 years ago
Looks like this would at least simplify the creation of the SSH connection used in the deploy command. There miiight be more it can do but that's a start.
Importantly, while it seems that paramiko
has support for parsing SSH config files actually getting it to fully use the parsed data is mostly left as an exercise for the consumer. Fabric wraps that in a more complete API, making things considerably easier.
Notably the lack of Include
support (https://github.com/paramiko/paramiko/issues/1609) means that Fabric doesn't quite solve everything just yet, but it's a lot closer than we're currently at.
Can we investigate if fabric would help with the use of SSH keys with passphrases? Don't think Paramiko currently supports this as I had to remove a passphrase from one of my keys this morning
My guess is that it might do, though for clarity Fabric gets its SSH hangling from paramiko, it just offers a higher level API.
A test I did do with #24 was to see how it handled the case of an unknown server. I can't recall exactly what paramiko did by default in that case, though we did previously have explicitly handling that case by automatically adding the host keys (also for automatically loading the known ones), whereas Fabric does all that by default and offered a prompt which was very similar to the one that OpenSSH offered.
@sedders123 would you be able to test #24 with a key with a passphrase? I suggest pointing a compstate at a local virtual compbox (srcomp-puppet has a Vagrantfile which creates a VM that appears as a separate machine on your local network). Would be useful to compare that to your normal UX.
https://www.fabfile.org/ looks like it could make that code much simpler.