From df4200992cd4d54c055e777c1e3236131f26cba4 Mon Sep 17 00:00:00 2001
From: Jens L <jens.langhammer@beryju.org>
Date: Wed, 28 Sep 2022 12:10:40 +0200
Subject: [PATCH] outposts: remote docker ssh fixes (#3691)

* improve error logging for SSH connections

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* "fix" host key checking

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
---
 authentik/outposts/controllers/docker.py     | 4 +++-
 authentik/outposts/controllers/kubernetes.py | 2 +-
 authentik/outposts/docker_ssh.py             | 2 ++
 3 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/authentik/outposts/controllers/docker.py b/authentik/outposts/controllers/docker.py
index c156737b7..5a2f418ca 100644
--- a/authentik/outposts/controllers/docker.py
+++ b/authentik/outposts/controllers/docker.py
@@ -61,7 +61,9 @@ class DockerClient(UpstreamDockerClient, BaseClient):
                     tls=tls_config,
                 )
             except SSHException as exc:
-                raise ServiceConnectionInvalid from exc
+                if self.ssh:
+                    self.ssh.cleanup()
+                raise ServiceConnectionInvalid(exc) from exc
         # Ensure the client actually works
         self.containers.list()
 
diff --git a/authentik/outposts/controllers/kubernetes.py b/authentik/outposts/controllers/kubernetes.py
index 21fe95c83..903badd77 100644
--- a/authentik/outposts/controllers/kubernetes.py
+++ b/authentik/outposts/controllers/kubernetes.py
@@ -38,7 +38,7 @@ class KubernetesClient(ApiClient, BaseClient):
                 load_kube_config_from_dict(connection.kubeconfig, client_configuration=config)
             super().__init__(config)
         except ConfigException as exc:
-            raise ServiceConnectionInvalid from exc
+            raise ServiceConnectionInvalid(exc) from exc
 
     def fetch_state(self) -> OutpostServiceConnectionState:
         """Get version info"""
diff --git a/authentik/outposts/docker_ssh.py b/authentik/outposts/docker_ssh.py
index ff577371d..e7faec58b 100644
--- a/authentik/outposts/docker_ssh.py
+++ b/authentik/outposts/docker_ssh.py
@@ -54,6 +54,8 @@ class DockerInlineSSH:
                     self.header,
                     f"Host {self.host}\n",
                     f"    IdentityFile {key_path}\n",
+                    "   StrictHostKeyChecking No\n",
+                    "   UserKnownHostsFile /dev/null\n",
                     f"{FOOTER}\n",
                     "\n",
                 ]