From 003351064478a125b2b2b0b420426488c90d0d3d Mon Sep 17 00:00:00 2001
From: Manuel Alejandro de Brito Fontes <aledbf@gmail.com>
Date: Thu, 28 Oct 2021 13:05:26 -0300
Subject: [PATCH] Use a script to setup environment

---
 components/supervisor/BUILD.yaml            |  1 +
 components/supervisor/leeway.Dockerfile     |  1 +
 components/supervisor/pkg/supervisor/ssh.go |  3 +++
 components/supervisor/ssh-connect.sh        | 16 ++++++++++++++++
 4 files changed, 21 insertions(+)
 create mode 100755 components/supervisor/ssh-connect.sh

diff --git a/components/supervisor/BUILD.yaml b/components/supervisor/BUILD.yaml
index 5a957fd052257c..88bb70aab8362f 100644
--- a/components/supervisor/BUILD.yaml
+++ b/components/supervisor/BUILD.yaml
@@ -19,6 +19,7 @@ packages:
     type: docker
     srcs:
       - "supervisor-config.json"
+      - ssh-connect.sh
     deps:
       - :app
       - components/supervisor/frontend:app
diff --git a/components/supervisor/leeway.Dockerfile b/components/supervisor/leeway.Dockerfile
index 5de4c78c36c823..054903afe514a3 100644
--- a/components/supervisor/leeway.Dockerfile
+++ b/components/supervisor/leeway.Dockerfile
@@ -20,5 +20,6 @@ COPY components-supervisor--app/supervisor \
 WORKDIR "/.supervisor/ssh"
 COPY components-supervisor-openssh--app/usr/sbin/sshd .
 COPY components-supervisor-openssh--app/usr/bin/ssh-keygen .
+COPY ssh-connect.sh .
 
 ENTRYPOINT ["/.supervisor/supervisor"]
diff --git a/components/supervisor/pkg/supervisor/ssh.go b/components/supervisor/pkg/supervisor/ssh.go
index f10b8f6d140eb4..35445aef9016fb 100644
--- a/components/supervisor/pkg/supervisor/ssh.go
+++ b/components/supervisor/pkg/supervisor/ssh.go
@@ -78,6 +78,8 @@ func (s *sshServer) handleConn(ctx context.Context, conn net.Conn) {
 		return
 	}
 
+	connectCommand := filepath.Join(filepath.Dir(bin), "ssh", "ssh-connect.sh")
+
 	args := []string{
 		"-iedD", "-f/dev/null",
 		"-oProtocol 2",
@@ -92,6 +94,7 @@ func (s *sshServer) handleConn(ctx context.Context, conn net.Conn) {
 		"-oPidFile /dev/null",
 		"-oUseDNS no", // Disable DNS lookups.
 		"-oSubsystem sftp internal-sftp",
+		"-oForceCommand " + connectCommand,
 	}
 
 	if os.Getenv("SUPERVISOR_DEBUG_ENABLE") != "" {
diff --git a/components/supervisor/ssh-connect.sh b/components/supervisor/ssh-connect.sh
new file mode 100755
index 00000000000000..250cf9c303ee3d
--- /dev/null
+++ b/components/supervisor/ssh-connect.sh
@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+# Copyright (c) 2021 Gitpod GmbH. All rights reserved.
+# Licensed under the GNU Affero General Public License (AGPL).
+# See License-AGPL.txt in the project root for license information.
+
+
+if [ -f "${HOME}/.profile" ]; then
+    # shellcheck disable=SC1090
+    source ~/.profile
+fi;
+
+if  [ -z "$SSH_ORIGINAL_COMMAND" ]; then
+    $SHELL --login
+else
+    eval "${SSH_ORIGINAL_COMMAND}"
+fi