From e7ee143bb178e79168e7ab791458985e923d753e Mon Sep 17 00:00:00 2001
From: Jose Ramon Roca
Date: Tue, 2 Jan 2018 13:38:47 +0100
Subject: [PATCH 1/2] Support for identity password over environment file
---
 Dockerfile | 4 ++++
 entry.sh | 24 ++++++++++++++++--------
 ssh-add-pass.sh | 15 +++++++++++++++
 3 files changed, 35 insertions(+), 8 deletions(-)
 create mode 100755 ssh-add-pass.sh
diff --git a/Dockerfile b/Dockerfile
index f949273..1dd2b50 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -28,8 +28,12 @@ RUN apk add --no-cache \
 bash \
 openssh \
 socat \
+ expect \
 && rm -rf /var/cache/apk/*

+# Copy expect script
+COPY ssh-add-pass.sh /ssh-add-pass.sh
+
 # Copy entrypoint script to container
 COPY entry.sh /entry.sh

diff --git a/entry.sh b/entry.sh
index 30fdefd..be8623a 100755
--- a/entry.sh
+++ b/entry.sh
@@ -64,15 +64,23 @@ case "$1" in
 shift # remove argument from array
 fi

- # Calling ssh-add. This should handle all cases.
- _command="ssh-add $ssh_key_path $@"
- debug_msg "Executing: $_command"
+ for var in "$@"
+ do
+ if [ -f $var ]; then
+ if [ -n "$SSH_PASSWD_SECRET_FILE" ]; then
+ _command="/ssh-add-pass.sh $var $SSH_PASSWD_SECRET_FILE "
+ else
+ _command="ssh-add $var"
+ fi
+ debug_msg "Executing: $_command"

- # When $key_path is empty, ssh-agent will be looking for both id_rsa and id_dsa in the home directory.
- # NOTE: We do a sed hack here to strip out '/root/.ssh' from the key path in the output from ssh-add, since this
- # path may confuse people.
- # echo "Press ENTER or CTRL+C to skip entering passphrase (if any)."
- $_command 2>&1 0>&1 | sed 's/\/root\/.ssh\///g'
+ # When $key_path is empty, ssh-agent will be looking for both id_rsa and id_dsa in the home directory.
+ # NOTE: We do a sed hack here to strip out '/root/.ssh' from the key path in the output from ssh-add, since this
+ # path may confuse people.
+ # echo "Press ENTER or CTRL+C to skip entering passphrase (if any)."
+ $_command 2>&1 0>&1 | sed 's/\/root\/.ssh\///g'
+ fi
+ done

 # Return first command exit code
 exit ${PIPESTATUS[0]}
diff --git a/ssh-add-pass.sh b/ssh-add-pass.sh
new file mode 100755
index 0000000..c21a2cb
--- /dev/null
+++ b/ssh-add-pass.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+if [ $# -ne 2 ] ; then
+ echo "Usage: ssh-add-pass.sh keyfile passfile"
+ exit 1
+fi
+
+pass=$(cat $2)
+
+expect << EOF
+ spawn ssh-add $1
+ expect "Enter passphrase"
+ send "$pass\r"
+ expect eof
+EOF
\ No newline at end of file
From 4d47fdd4a4c44348cd45cb38fece259174b0999e Mon Sep 17 00:00:00 2001
From: Jose Ramon Roca
Date: Tue, 2 Jan 2018 16:16:41 +0100
Subject: [PATCH 2/2] Changed to another command
---
 entry.sh | 69 ++++++++++++++++++++++++++++++++++++++++++--------------
 1 file changed, 52 insertions(+), 17 deletions(-)
diff --git a/entry.sh b/entry.sh
index be8623a..f58db2e 100755
--- a/entry.sh
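Review bot: The new `for var in "$@"` loop in entry.sh no longer uses `$ssh_key_path`, which the removed line `ssh-add $ssh_key_path $@` passed through, so a key resolved earlier in this branch (presumably just above the hunk) is dropped, and a call with no remaining arguments never runs ssh-add at all. The `[ -f $var ]` test and the string-built `$_command` are also unquoted, so a key or secret-file path containing whitespace or glob characters is split or expanded before it reaches the helper; calling it directly as `/ssh-add-pass.sh "$var" "$SSH_PASSWD_SECRET_FILE"` avoids that. `exit ${PIPESTATUS[0]}` now runs after the loop, so it reflects only the last command executed and an earlier key that failed to load is not reported. The enclosing `case` branch starts and ends outside the hunk.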
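Review bot: In ssh-add-pass.sh the passphrase and the key path are expanded by the shell into an unquoted here-document that expect then parses as Tcl, so a passphrase containing `"`, `[`, `$` or `\` either breaks the script or is evaluated as Tcl instead of being sent literally; `cat $2` and `ssh-add $1` are unquoted as well. The result of ssh-add is also ignored: with a wrong passphrase ssh-add re-prompts, `expect eof` waits for the timeout, and as far as I can tell the helper still exits 0. I would quote the here-document, hand both paths to expect through the environment, and exit with ssh-add's own status, as sketched below. Note that `read -nonewline` strips one trailing newline where `$(cat …)` stripped all of them.

```shell
# … unchanged: shebang and usage check …

KEYFILE="$1" PASSFILE="$2" expect << 'EOF'
  # Read the passphrase inside Tcl so it is never re-parsed as script text.
  set fh [open $env(PASSFILE) r]
  set pass [read -nonewline $fh]
  close $fh

  spawn ssh-add -- $env(KEYFILE)
  expect {
    "Enter passphrase" { send -- "$pass\r"; exp_continue }
    "Bad passphrase"   { exit 1 }
    timeout            { exit 1 }
    eof
  }
  # Propagate ssh-add's exit status to the caller.
  exit [lindex [wait] 3]
EOF
```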
+++ b/entry.sh 
@@ -64,26 +64,61 @@ case "$1" in
 shift # remove argument from array
 fi

- for var in "$@"
- do
- if [ -f $var ]; then
- if [ -n "$SSH_PASSWD_SECRET_FILE" ]; then
- _command="/ssh-add-pass.sh $var $SSH_PASSWD_SECRET_FILE "
- else
- _command="ssh-add $var"
- fi
- debug_msg "Executing: $_command"
-
- # When $key_path is empty, ssh-agent will be looking for both id_rsa and id_dsa in the home directory.
- # NOTE: We do a sed hack here to strip out '/root/.ssh' from the key path in the output from ssh-add, since this
- # path may confuse people.
- # echo "Press ENTER or CTRL+C to skip entering passphrase (if any)."
- $_command 2>&1 0>&1 | sed 's/\/root\/.ssh\///g'
- fi
- done
+ # Calling ssh-add. This should handle all cases.
+ _command="ssh-add $ssh_key_path $@"
+ debug_msg "Executing: $_command"
+
+ # When $key_path is empty, ssh-agent will be looking for both id_rsa and id_dsa in the home directory.
+ # NOTE: We do a sed hack here to strip out '/root/.ssh' from the key path in the output from ssh-add, since this
+ # path may confuse people.
+ # echo "Press ENTER or CTRL+C to skip entering passphrase (if any)."
+ $_command 2>&1 0>&1 | sed 's/\/root\/.ssh\///g'
+
+ # Return first command exit code
+ exit ${PIPESTATUS[0]}
+ ;;
+ ssh-add-pass)
+ shift # remove argument from array
+
+ # .ssh folder from host is expected to be mounted on /.ssh
+ # We copy keys from there into /root/.ssh and fix permissions (necessary on Windows hosts)
+ host_ssh_path="/.ssh"
+ if [ -d $host_ssh_path ]; then
+ debug_msg "Copying host SSH keys and setting proper permissions..."
+ cp -av $host_ssh_path/. ~/.ssh/
+ chmod 700 ~/.ssh
+ chmod 600 ~/.ssh/*
+ chmod 644 ~/.ssh/*.pub
+ fi
+
+ # Make sure the key exists if provided.
+ # When $ssh_key_path is empty, ssh-agent will be looking for both id_rsa and id_dsa in the home directory.
+ ssh_key_path=""
+ if [ -n "$1" ] && [ -f "/root/.ssh/$1" ]; then
+ ssh_key_path="/root/.ssh/$1"
+ shift # remove argument from array
+ fi
+
+ # Calling ssh-add. This should handle all cases.
+ _command="/ssh-add-pass.sh $ssh_key_path $@"
+ debug_msg "Executing: $_command"
+
+ # When $key_path is empty, ssh-agent will be looking for both id_rsa and id_dsa in the home directory.
+ # NOTE: We do a sed hack here to strip out '/root/.ssh' from the key path in the output from ssh-add, since this
+ # path may confuse people.
+ # echo "Press ENTER or CTRL+C to skip entering passphrase (if any)."
+ $_command 2>&1 0>&1 | sed 's/\/root\/.ssh\///g'

 # Return first command exit code
 exit ${PIPESTATUS[0]}
+ ;;
+ ssh-add-list)
+ shift # remove argument from array
+
+ _command="ssh-add -l"
+
+ $_command 2>&1 0>&1 | sed 's/\/root\/.ssh\///g'
+ exit ${PIPESTATUS[0]}
 ;;
 *)
 exec $@
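Review bot: The new `ssh-add-pass` branch builds `/ssh-add-pass.sh $ssh_key_path $@` unquoted, while the helper added in the first patch rejects anything other than exactly two arguments, so a call without a key name ends in the helper's usage message and a key name not found under /root/.ssh is passed through unresolved. The comment copied into this branch, "When $ssh_key_path is empty, ssh-agent will be looking for both id_rsa and id_dsa", therefore does not hold here. I would replace it with an explicit check such as `[ -n "$ssh_key_path" ] && [ -f "$1" ] || { echo "usage: ssh-add-pass <key> <passfile>" >&2; exit 1; }` followed by `/ssh-add-pass.sh "$ssh_key_path" "$1"`. The key-copy and chmod block appears to duplicate the `ssh-add` branch, whose start is outside the hunk; a shell function shared by both branches would keep the permission fix in one place.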