foundation/preflight/checks/ssh.sh
Andreas Niemann edc708b826 feat(preflight): host/toolchain validation + VERSIONS pin-file — T01
- VERSIONS: 7 container images (CONTRACT_003 §3.2) + 13 host tools, KEY=value,
  source-able+greppable; images carry :PIN_DIGEST placeholders with a documented
  pin-digests procedure (D5 determinism — no real deploy until pinned).
- preflight.sh: fails closed (non-zero on any required check), bash-3.2 safe,
  composable checks/ (versions,tools,env,docker) + gated (ssh,dns) that WARN-skip
  until the stack is configured.
- env check honors D2 (passphrase presence only, never printed).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-30 18:00:26 +02:00

64 lines
2.7 KiB
Bash
Executable file

#!/usr/bin/env bash
# -----------------------------------------------------------------------------
# checks/ssh.sh — OPTIONAL / GATED: SSH reachability to the configured VM host.
# Depends on Pulumi config (foundation:vm.host / foundation:vm.user) that may
# not exist at scaffold time. If the stack/config is absent we SKIP with a
# WARNING (never a failure). Only when a host IS configured do we attempt a
# non-interactive SSH probe; a failed probe is a WARNING too, because the VM
# may legitimately not exist yet during early bootstrap (PLAN-002 Phase 0/1).
# This check therefore never causes preflight to exit non-zero on its own.
# -----------------------------------------------------------------------------
set -euo pipefail
PF_DIR=$(cd "$(dirname "$0")/.." && pwd)
# shellcheck source=../lib/common.sh
. "$PF_DIR/lib/common.sh"
BOOTSTRAP_DIR=$(cd "$PF_DIR/.." && pwd)/bootstrap
echo "[ssh] (gated) SSH reachability to configured VM host"
# pf_pulumi_config <key> : echo a stack config value, or "" if unavailable.
# Tolerates: pulumi not installed, no stack selected, key absent, no project.
pf_pulumi_config() {
pf_have pulumi || { printf ''; return; }
[ -d "$BOOTSTRAP_DIR" ] || { printf ''; return; }
( cd "$BOOTSTRAP_DIR" 2>/dev/null && pulumi config get "$1" 2>/dev/null ) || printf ''
}
if ! pf_have pulumi; then
pf_warn "pulumi not installed -> cannot read vm.host; SKIPPING ssh reachability"
pf_summary "ssh"; exit $?
fi
if [ ! -d "$BOOTSTRAP_DIR" ]; then
pf_warn "bootstrap/ not present yet -> no stack config; SKIPPING ssh reachability"
pf_summary "ssh"; exit $?
fi
vm_host=$(pf_pulumi_config "foundation:vm.host")
vm_user=$(pf_pulumi_config "foundation:vm.user")
[ -n "$vm_user" ] || vm_user="root"
if [ -z "$vm_host" ]; then
pf_warn "foundation:vm.host not configured yet -> SKIPPING ssh reachability (expected pre-Phase-0)"
pf_summary "ssh"; exit $?
fi
ssh_key="${SSH_PRIVATE_KEY_PATH:-$HOME/.ssh/id_rsa}"
case "$ssh_key" in "~/"*) ssh_key="$HOME/${ssh_key#~/}" ;; esac
pf_info "configured target: ${vm_user}@${vm_host} (key: $ssh_key)"
if ! pf_have ssh; then
pf_warn "ssh client missing (see tools check) -> SKIPPING reachability probe"
pf_summary "ssh"; exit $?
fi
# Non-interactive, fast-failing probe. BatchMode avoids password prompts;
# a 'true' command that succeeds proves auth + reachability.
if ssh -o BatchMode=yes -o ConnectTimeout=8 -o StrictHostKeyChecking=accept-new \
-i "$ssh_key" "${vm_user}@${vm_host}" true >/dev/null 2>&1; then
pf_pass "SSH to ${vm_user}@${vm_host} succeeded"
else
pf_warn "SSH to ${vm_user}@${vm_host} did not succeed (VM may not exist yet / key not trusted) — not failing"
fi
pf_summary "ssh"