From 796a8d3f54bc70457492d03af5d5e9569c74de91 Mon Sep 17 00:00:00 2001
From: Andrey Zhavoronkov <andrey.zhavoronkov@intel.com>
Date: Mon, 12 Oct 2020 16:59:27 +0300
Subject: [PATCH] fixed cvat startup process (#2293)

* fixed cvat startup process

* updated readme

* updated license header

* updated CHANGELOG

Co-authored-by: Boris Sekachev <boris.sekachev@yandex.ru>
---
 CHANGELOG.md          |  2 +-
 cvat/settings/base.py | 17 +++++++++++++++--
 ssh/README.md         |  1 +
 3 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index c3f2bbc776d..f0612ddbaa4 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -61,7 +61,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 -   Fixed issues from #2112 (<https://github.com/openvinotoolkit/cvat/pull/2217>)
 -   Git application name (renamed to dataset_repo) (<https://github.com/openvinotoolkit/cvat/pull/2243>)
 -   A problem in exporting of tracks, where tracks could be truncated (<https://github.com/openvinotoolkit/cvat/issues/2129>)
-
+-   Fixed CVAT startup process if the user has `umask 077` in .bashrc file (<https://github.com/openvinotoolkit/cvat/pull/2293>)
 
 ### Security
 
diff --git a/cvat/settings/base.py b/cvat/settings/base.py
index 2b49c78f48c..30757044094 100644
--- a/cvat/settings/base.py
+++ b/cvat/settings/base.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2018-2019 Intel Corporation
+# Copyright (C) 2018-2020 Intel Corporation
 #
 # SPDX-License-Identifier: MIT
 
@@ -50,10 +50,22 @@ def generate_ssh_keys():
     ssh_dir = '{}/.ssh'.format(os.getenv('HOME'))
     pidfile = os.path.join(ssh_dir, 'ssh.pid')
 
+    def add_ssh_keys():
+        IGNORE_FILES = ('README.md', 'ssh.pid')
+        keys_to_add = [entry.name for entry in os.scandir(ssh_dir) if entry.name not in IGNORE_FILES]
+        keys_to_add = ' '.join(os.path.join(ssh_dir, f) for f in keys_to_add)
+        subprocess.run(['ssh-add {}'.format(keys_to_add)],
+            shell = True,
+            stderr = subprocess.PIPE,
+            # lets set the timeout if ssh-add requires a input passphrase for key
+            # otherwise the process will be freezed
+            timeout=30,
+            )
+
     with open(pidfile, "w") as pid:
         fcntl.flock(pid, fcntl.LOCK_EX)
         try:
-            subprocess.run(['ssh-add {}/*'.format(ssh_dir)], shell = True, stderr = subprocess.PIPE)
+            add_ssh_keys()
             keys = subprocess.run(['ssh-add -l'], shell = True,
                 stdout = subprocess.PIPE).stdout.decode('utf-8').split('\n')
             if 'has no identities' in keys[0]:
@@ -440,3 +452,4 @@ def generate_ssh_keys():
 }
 
 USE_CACHE = True
+
diff --git a/ssh/README.md b/ssh/README.md
index b5dcd609638..246dc050b2e 100644
--- a/ssh/README.md
+++ b/ssh/README.md
@@ -1,4 +1,5 @@
 Put your SSH keys and SSH config here and they will be installed to the CVAT container.
+Please do not use encrypted keys that require a passphrase - these keys will not be used.
 
 If you have any problems with a git repository cloning inside the CVAT:
   * Make sure that SSH keys have been added to the CVAT container: