From 5e29b71b7e77f7a02b54245816b5d077f00d7fb5 Mon Sep 17 00:00:00 2001 From: Update Bot <update-bot@private.storage> Date: Thu, 14 Jul 2022 19:36:57 -0400 Subject: [PATCH] Clean up those leaking ssh agents :/ --- ci-tools/update-nixpkgs | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/ci-tools/update-nixpkgs b/ci-tools/update-nixpkgs index baac5284..6b4438ac 100755 --- a/ci-tools/update-nixpkgs +++ b/ci-tools/update-nixpkgs @@ -12,12 +12,21 @@ set -eux -o pipefail HOST="whetstone.private.storage" -setup_ssh() { - export HOME="${PWD}" +__cleanup_ssh () { + ssh-agent -k +} +setup_ssh() { # -s makes the output sh compatible, in case it can't detect this for # itself. - eval $(ssh-agent -s) + # + # -t sets a limit on how long the key will be kept in memory. we try to + # kill the agent when we're done but we can't be sure we'll always + # succeed. The value is a number of seconds. + eval $(ssh-agent -s -t 300) + + # On shell exit, run a function to kill the agent. + trap __cleanup_ssh EXIT # A GitLab CI/CD variable set for us to use. echo "${UPDATE_NIXPKGS_PRIVATE_SSHKEY_BASE64}" | base64 -d | ssh-add - -- GitLab