Use Nix's SSHMaster

NixOS · Jan 22, 2024 · c75e0be · c75e0be
1 parent 57d9247
commit c75e0be
Showing 1 changed file with 23 additions and 61 deletions.
diff --git a/src/hydra-queue-runner/build-remote.cc b/src/hydra-queue-runner/build-remote.cc
@@ -15,19 +15,13 @@
 #include "util.hh"
 #include "serve-protocol.hh"
 #include "serve-protocol-impl.hh"
+#include "ssh.hh"
 #include "finally.hh"
 #include "url.hh"
 
 using namespace nix;
 
 
-struct Child
-{
-    Pid pid;
-    AutoCloseFD to, from;
-};
-
-
 static void append(Strings & dst, const Strings & src)
 {
     dst.insert(dst.end(), src.begin(), src.end());
@@ -55,58 +49,19 @@ static Strings extraStoreArgs(std::string & machine)
     return result;
 }
 
-static void openConnection(Machine::ptr machine, Path tmpDir, int stderrFD, Child & child)
+static std::unique_ptr<SSHMaster::Connection> openConnection(
+    Machine::ptr machine, SSHMaster & master, Path tmpDir, int stderrFD)
 {
-    std::string pgmName;
-    Pipe to, from;
-    to.create();
-    from.create();
-
-    Strings argv;
+    Strings command = {"nix-store", "--serve", "--write"};
     if (machine->isLocalhost()) {
-        pgmName = "nix-store";
-        argv = {"nix-store", "--builders", "", "--serve", "--write"};
+        command.push_back({ "--builders", "" });
     } else {
-        pgmName = "ssh";
-        auto sshName = machine->sshName;
-        Strings extraArgs = extraStoreArgs(sshName);
-        argv = {"ssh", sshName};
-        if (machine->sshKey != "") append(argv, {"-i", machine->sshKey});
-        if (machine->sshPublicHostKey != "") {
-            Path fileName = tmpDir + "/host-key";
-            auto p = machine->sshName.find("@");
-            std::string host = p != std::string::npos ? std::string(machine->sshName, p + 1) : machine->sshName;
-            writeFile(fileName, host + " " + machine->sshPublicHostKey + "\n");
-            append(argv, {"-oUserKnownHostsFile=" + fileName});
-        }
-        append(argv,
-            { "-x", "-a", "-oBatchMode=yes", "-oConnectTimeout=60", "-oTCPKeepAlive=yes"
-            , "--", "nix-store", "--serve", "--write" });
-        append(argv, extraArgs);
+        append(command, extraStoreArgs(machine->sshName));
     }
 
-    child.pid = startProcess([&]() {
-        restoreProcessContext();
-
-        if (dup2(to.readSide.get(), STDIN_FILENO) == -1)
-            throw SysError("cannot dup input pipe to stdin");
-
-        if (dup2(from.writeSide.get(), STDOUT_FILENO) == -1)
-            throw SysError("cannot dup output pipe to stdout");
-
-        if (dup2(stderrFD, STDERR_FILENO) == -1)
-            throw SysError("cannot dup stderr");
-
-        execvp(argv.front().c_str(), (char * *) stringsToCharPtrs(argv).data()); // FIXME: remove cast
-
-        throw SysError("cannot start %s", pgmName);
+    return master.startCommand(std::move(command), {
+        "-x", "-a", "-oBatchMode=yes", "-oConnectTimeout=60", "-oTCPKeepAlive=yes"
     });
-
-    to.readSide = -1;
-    from.writeSide = -1;
-
-    child.to = to.writeSide.release();
-    child.from = from.readSide.release();
 }
 
 
@@ -443,14 +398,21 @@ void State::buildRemote(ref<Store> destStore,
 
         updateStep(ssConnecting);
 
+        SSHMaster master {
+            machine->sshName,
+            machine->sshKey,
+            machine->sshPublicHostKey,
+            false, // no SSH master yet
+            false, // no compression yet
+        };
+
         // FIXME: rewrite to use Store.
-        Child child;
-        build_remote::openConnection(machine, tmpDir, logFD.get(), child);
+        auto child = build_remote::openConnection(machine, master, tmpDir, logFD.get());
 
         {
             auto activeStepState(activeStep->state_.lock());
             if (activeStepState->cancelled) throw Error("step cancelled");
-            activeStepState->pid = child.pid;
+            activeStepState->pid = child->sshPid;
         }
 
         Finally clearPid([&]() {
@@ -467,8 +429,8 @@ void State::buildRemote(ref<Store> destStore,
 
         Machine::Connection conn {
             {
-                .to = child.to.get(),
-                .from = child.from.get(),
+                .to = child->out.get(),
+                .from = child->in.get(),
                 /* Handshake. */
                 .remoteVersion = 0xdadbeef, // FIXME avoid dummy initialize
             },
@@ -489,7 +451,7 @@ void State::buildRemote(ref<Store> destStore,
                 our_version,
                 machine->sshName);
         } catch (EndOfFile & e) {
-            child.pid.wait();
+            child->sshPid.wait();
             std::string s = chomp(readFile(result.logFile));
             throw Error("cannot connect to ‘%1%’: %2%", machine->sshName, s);
         }
@@ -589,8 +551,8 @@ void State::buildRemote(ref<Store> destStore,
         }
 
         /* Shut down the connection. */
-        child.to = -1;
-        child.pid.wait();
+        child->out = -1;
+        child->sshPid.wait();
 
     } catch (Error & e) {
         /* Disable this machine until a certain period of time has