Fix collective.recipe.shelloutput running "too early"
Our software using sshd were sometimes failing in tests, because the way they publish key fingerprint was racy.
It is based on
collective.recipe.shelloutput, which as we can see in the recipe code operates on
We are using
collective.recipe.shelloutput to capture the output of
ssh-keygen -lf $KEY and this must run after the file
$KEY is generated ( it is generated by another
plone.recipe.command version). We were trying to run the
collective.recipe.shelloutput after the
plone.recipe.command, but that was incorrect anyway, because
collective.recipe.shelloutput reads the file at
__init__ step, where
plone.recipe.command creates the file at
As we could see in test suite, it was sometimes working, when
slapos node instance ran only once, but it sometimes working, when
slapos node instance ran more than once, for example because a promise failed and
slapos node instance was retried.
collective.recipe.shelloutput does not take into account the exit code of the command but simply capture with
"Error ..." whatever the command might output on stderr, we add another step checking that the captured output is not
"Error ..." and if it is cause a buildout error so that
slapos node instance is retried and then succeed.
What should happen now is:
collective.recipe.shelloutputreads the key fingerprint, the file is not present so it captures `"Error ..."``
plone.recipe.commandcreates the key
plone.recipe.commandchecks that the captured fingerprint is not
"Error ..."it fails
- buildout restarts
collective.recipe.shelloutputreads key fingerprint correctly.
Slaprunner has been heavily modified, because it was using a
sshkeys_authority which was incompatible with this as it uses symlinks for keys. Since we don't know what is the purpose of
sshkeys_authority, we rewrote that software to use simple commands instead of that "ssh keys authority".