lib/entitlements/util/gitrepo.rb in entitlements-gitrepo-auditor-plugin-0.2.1 vs lib/entitlements/util/gitrepo.rb in entitlements-gitrepo-auditor-plugin-0.3.0
- old
+ new
@@ -36,10 +36,11 @@
def initialize(repo:, sshkey:, logger: Entitlements.logger)
@logger = logger
@repo = repo
@sshkey = sshkey
@github = "git@github.com:"
+ @tmpdir_prefix = ENV.fetch("ENTITLEMENTS_TMPDIR_PREFIX", "/data/entitlements_deploys")
end
# Run "git add" on a file.
#
# dir - A String with the path where this is to take place.
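Review bot: The added `@tmpdir_prefix` line takes `ENTITLEMENTS_TMPDIR_PREFIX` from the environment without any check, so an empty or relative value is accepted as-is, and the second hunk uses it to decide where the SSH key is written. The default also moves from the system temp directory to the fixed path `/data/entitlements_deploys`, which only works on hosts where the process can create or write that directory. I would reject anything that is not an absolute path, e.g. `raise ArgumentError, "ENTITLEMENTS_TMPDIR_PREFIX must be an absolute path" unless @tmpdir_prefix.start_with?("/")`. The variable and its default should also be described in the header comment of `initialize`, which is not visible in this hunk.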
@@ -204,10 +205,14 @@
begin
# Replace GIT_SSH with our custom SSH wrapper that installs the key and disables anything
# else custom that might be going on in the environment. Turn off prompts for the SSH key for
# github.com being trusted or not, only use the provided key as the identity, and ignore any
# ~/.ssh/config file the user running this might have set up.
- tempdir = Dir.mktmpdir
+
+ # if the @tmpdir_prefix doesn't exist, create it
+ FileUtils.mkdir_p(@tmpdir_prefix) unless File.directory?(@tmpdir_prefix)
+ tempdir = Dir.mktmpdir(nil, @tmpdir_prefix)
+
File.open(File.join(tempdir, "key"), "w") { |f| f.write(sshkey) }
File.open(File.join(tempdir, "ssh"), "w") do |f|
f.puts "#!/bin/sh"
f.puts "exec /usr/bin/ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \\"
f.puts " -o IdentityFile=#{Shellwords.escape(File.join(tempdir, 'key'))} -o IdentitiesOnly=yes \\"
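Review bot: `FileUtils.mkdir_p(@tmpdir_prefix)` creates the parent directory with whatever mode the umask allows, and an already existing directory is used without checking its owner or mode, yet the private key is written beneath it a few lines later. `Dir.mktmpdir` still creates the per-run directory as 0700, but the key file is opened with the default mode, so I would tighten both: `FileUtils.mkdir_p(@tmpdir_prefix, mode: 0o700)` and `File.open(File.join(tempdir, "key"), "w", 0o600) { |f| f.write(sshkey) }`. The `unless File.directory?(@tmpdir_prefix)` guard can be dropped, since `mkdir_p` already succeeds on an existing directory. Because the default location is no longer the system temp directory, a key left behind by a failed cleanup would presumably persist there; the cleanup for this `begin` block lies outside the hunk, so please confirm it runs in an `ensure`.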