tsprlng/authorized_keys

## authorized_keys
# Allow the 'deployer' key to run only the redeploy script; pass the given arguments (i.e. service name) to the script
#   e.g. $ ssh deployer@server restartable-thing
#
command="/home/deployer/redeploy.sh $SSH_ORIGINAL_COMMAND",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding ssh-rsa «public-key» deployer@ci-server

## redeploy.sh
#!/bin/bash

if [ $(/usr/bin/whoami) == 'deployer' ]; then
  # auto-escalate -- run this same script as root
    exec /usr/bin/sudo $0 $1
fi

if [ $1 == 'restartable-thing' ]; then
  # run restart script with empty environment
    /usr/bin/env -i  /usr/sbin/service restartable-thing restart
else
  echo 'What are you talking about?'
  exit 4
fi
	# Allow the 'deployer' key to run only the redeploy script; pass the given arguments (i.e. service name) to the script
	# e.g. $ ssh deployer@server restartable-thing
	#
	command="/home/deployer/redeploy.sh $SSH_ORIGINAL_COMMAND",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding ssh-rsa «public-key» deployer@ci-server
	#!/bin/bash

	if [ $(/usr/bin/whoami) == 'deployer' ]; then
	# auto-escalate -- run this same script as root
	exec /usr/bin/sudo $0 $1
	fi

	if [ $1 == 'restartable-thing' ]; then
	# run restart script with empty environment
	/usr/bin/env -i /usr/sbin/service restartable-thing restart
	else
	echo 'What are you talking about?'
	exit 4
	fi