diff --git a/internal/config/config.go b/internal/config/config.go index 8713c89..0f1ae63 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -269,6 +269,9 @@ func resolveSSHKeyPath(layout paths.Layout, configured string) (string, error) { if sshDir == "" { sshDir = filepath.Join(layout.StateDir, "ssh") } + if !filepath.IsAbs(sshDir) { + return "", fmt.Errorf("ssh key dir must be absolute; got %q (check paths.Resolve populated SSHDir / StateDir)", sshDir) + } return ensureDefaultSSHKey(filepath.Join(sshDir, "id_ed25519")) } diff --git a/internal/config/config_test.go b/internal/config/config_test.go index 9a756b3..da85358 100644 --- a/internal/config/config_test.go +++ b/internal/config/config_test.go @@ -69,7 +69,7 @@ default_dns = "9.9.9.9" t.Fatalf("write config.toml: %v", err) } - cfg, err := Load(paths.Layout{ConfigDir: configDir}) + cfg, err := Load(paths.Layout{ConfigDir: configDir, SSHDir: t.TempDir()}) if err != nil { t.Fatalf("Load: %v", err) } @@ -106,7 +106,7 @@ default_dns = "9.9.9.9" func TestLoadAppliesLogLevelEnvOverride(t *testing.T) { t.Setenv("BANGER_LOG_LEVEL", "warn") - cfg, err := Load(paths.Layout{ConfigDir: t.TempDir()}) + cfg, err := Load(paths.Layout{ConfigDir: t.TempDir(), SSHDir: t.TempDir()}) if err != nil { t.Fatalf("Load: %v", err) } @@ -130,7 +130,7 @@ mode = "0644" if err := os.WriteFile(filepath.Join(configDir, "config.toml"), data, 0o644); err != nil { t.Fatal(err) } - cfg, err := Load(paths.Layout{ConfigDir: configDir}) + cfg, err := Load(paths.Layout{ConfigDir: configDir, SSHDir: t.TempDir()}) if err != nil { t.Fatalf("Load: %v", err) } @@ -193,7 +193,7 @@ func TestLoadRejectsInvalidFileSyncEntries(t *testing.T) { if err := os.WriteFile(filepath.Join(configDir, "config.toml"), []byte(tc.toml+"\n"), 0o644); err != nil { t.Fatal(err) } - _, err := Load(paths.Layout{ConfigDir: configDir}) + _, err := Load(paths.Layout{ConfigDir: configDir, SSHDir: t.TempDir()}) if err == nil { t.Fatalf("Load: want error containing %q", tc.want) } @@ -216,7 +216,7 @@ system_overlay_size = "12G" if err := os.WriteFile(filepath.Join(configDir, "config.toml"), data, 0o644); err != nil { t.Fatal(err) } - cfg, err := Load(paths.Layout{ConfigDir: configDir}) + cfg, err := Load(paths.Layout{ConfigDir: configDir, SSHDir: t.TempDir()}) if err != nil { t.Fatalf("Load: %v", err) } @@ -237,7 +237,7 @@ system_overlay_size = "12G" func TestLoadEmptyVMDefaultsLeavesZeros(t *testing.T) { // No [vm_defaults] block → cfg.VMDefaults is the zero value, // which the resolver will map to auto or builtin. - cfg, err := Load(paths.Layout{ConfigDir: t.TempDir()}) + cfg, err := Load(paths.Layout{ConfigDir: t.TempDir(), SSHDir: t.TempDir()}) if err != nil { t.Fatalf("Load: %v", err) } @@ -259,7 +259,7 @@ func TestLoadRejectsNegativeVMDefaults(t *testing.T) { if err := os.WriteFile(filepath.Join(configDir, "config.toml"), []byte(body+"\n"), 0o644); err != nil { t.Fatal(err) } - if _, err := Load(paths.Layout{ConfigDir: configDir}); err == nil { + if _, err := Load(paths.Layout{ConfigDir: configDir, SSHDir: t.TempDir()}); err == nil { t.Fatal("expected error") } }) diff --git a/internal/config/ssh/id_ed25519 b/internal/config/ssh/id_ed25519 deleted file mode 100644 index 6e6936e..0000000 --- a/internal/config/ssh/id_ed25519 +++ /dev/null @@ -1,3 +0,0 @@ ------BEGIN PRIVATE KEY----- -MC4CAQAwBQYDK2VwBCIEIOeClGP/5JANJJpar5grOSE0RcaqMedAT5Nc6BcyCphM ------END PRIVATE KEY----- diff --git a/internal/config/ssh/id_ed25519.pub b/internal/config/ssh/id_ed25519.pub deleted file mode 100644 index bdfd01b..0000000 --- a/internal/config/ssh/id_ed25519.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOpF+WjNdlBLZYI3sbPST2lhxzrsfELwRXT58vkNL3xK