blob: 0d82fb3e03709c5d92383feffc7999bdcbb0619e [file] [log] [blame]
#!/bin/bash
#
# This script creates an SSH connection to a swarming machine. Firewall rules
# are in place to prevent SSH access except from corp/prod. go/gce-enforcer
# Therefore, connections must be proxied using the corp-ssh-helper for use
# from home.
#
# Prerequisites:
# 1) Have created a set of SSH credentials to use with GCE. These are
# expected to be stored in ~/.ssh/google_compute_engine(.pub)?
# 2) Stored these SSH keys to the project metadata, where they will propagate
# to all instances. SSH keys can be viewed at go/skia-swarm-ssh-keys
#
# Both of these Prerequisites can be achieved by running:
# gcloud compute ssh --project skia-swarming-bots chrome-bot@skia-e-gce-313
# (where skia-e-gce-313 was chosen arbitrarily).
# This command is expected to fail due with "Connection timed out" due to the
# firewall rules, but it will create the SSH keys and upload them to the project
# metadata as required. Even though we specify a single instance here, the
# project metadata is used by all instances for this project.
#
# Usage: ssh_swarm MACHINE [USER]
#
# MACHINE is something like skia-e-gce-123
# USER defaults to chrome-bot, but can be supplied if needed. Note that
# supplying a user here may require an additional upload of SSH metadata.
USER=$2
USER=${USER:-"chrome-bot"}
# See https://cloud.google.com/compute/docs/troubleshooting/troubleshooting-ssh#test_network
IP=`gcloud compute instances describe $1 --format='get(networkInterfaces[0].accessConfigs[0].natIP)' --project skia-swarming-bots`
echo "Connecting to $USER@$IP"
ssh $USER@$IP -o ProxyCommand="corp-ssh-helper %h %p" -i ~/.ssh/google_compute_engine