cloud-init

Merge lp:~darkmuggle-deactivatedaccount/cloud-init/lp1506244-ssh-key-value into lp:~cloud-init-dev/cloud-init/trunk

  1. lp1506244-ssh-key-value
  2. Merge into trunk
Proposed by Ben Howard
Status: Merged
Merged at revision: 1149
Proposed branch: lp:~darkmuggle-deactivatedaccount/cloud-init/lp1506244-ssh-key-value
Merge into: lp:~cloud-init-dev/cloud-init/trunk
Diff against target: 137 lines (+65/-21)
2 files modified
cloudinit/sources/DataSourceAzure.py (+12/-4)
tests/unittests/test_datasource/test_azure.py (+53/-17)
To merge this branch: bzr merge lp:~darkmuggle-deactivatedaccount/cloud-init/lp1506244-ssh-key-value
Reviewer Review Type Date Requested Status
Ben Howard Pending
Review via email: mp+274487@code.launchpad.net

Description of the change

Support SSH values in ovf-env.xml over fingerprints.

To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'cloudinit/sources/DataSourceAzure.py'
2--- cloudinit/sources/DataSourceAzure.py 2015-07-22 19:17:10 +0000
3+++ cloudinit/sources/DataSourceAzure.py 2015-10-14 23:36:54 +0000
4@@ -148,9 +148,15 @@
5 wait_for = [shcfgxml]
6
7 fp_files = []
8+ key_value = None
9 for pk in self.cfg.get('_pubkeys', []):
10- bname = str(pk['fingerprint'] + ".crt")
11- fp_files += [os.path.join(ddir, bname)]
12+ if pk.get('value', None):
13+ key_value = pk['value']
14+ LOG.info("ssh authentication: using value from fabric")
15+ else:
16+ bname = str(pk['fingerprint'] + ".crt")
17+ fp_files += [os.path.join(ddir, bname)]
18+ LOG.info("ssh authentication: using fingerprint from fabirc")
19
20 missing = util.log_time(logfunc=LOG.debug, msg="waiting for files",
21 func=wait_for_files,
22@@ -166,7 +172,8 @@
23 metadata['instance-id'] = iid_from_shared_config(shcfgxml)
24 except ValueError as e:
25 LOG.warn("failed to get instance id in %s: %s", shcfgxml, e)
26- metadata['public-keys'] = pubkeys_from_crt_files(fp_files)
27+
28+ metadata['public-keys'] = key_value or pubkeys_from_crt_files(fp_files)
29 return metadata
30
31 def get_data(self):
32@@ -497,7 +504,8 @@
33 for pk_node in pubkeys:
34 if not pk_node.hasChildNodes():
35 continue
36- cur = {'fingerprint': "", 'path': ""}
37+
38+ cur = {'fingerprint': "", 'path': "", 'value': ""}
39 for child in pk_node.childNodes:
40 if child.nodeType == text_node or not child.localName:
41 continue
42
43=== modified file 'tests/unittests/test_datasource/test_azure.py'
44--- tests/unittests/test_datasource/test_azure.py 2015-07-22 19:17:10 +0000
45+++ tests/unittests/test_datasource/test_azure.py 2015-10-14 23:36:54 +0000
46@@ -54,10 +54,13 @@
47
48 if pubkeys:
49 content += "<SSH><PublicKeys>\n"
50- for fp, path in pubkeys:
51+ for fp, path, value in pubkeys:
52 content += " <PublicKey>"
53- content += ("<Fingerprint>%s</Fingerprint><Path>%s</Path>" %
54- (fp, path))
55+ if fp and path:
56+ content += ("<Fingerprint>%s</Fingerprint><Path>%s</Path>" %
57+ (fp, path))
58+ if value:
59+ content += "<Value>%s</Value>" % value
60 content += "</PublicKey>\n"
61 content += "</PublicKeys></SSH>"
62 content += """
63@@ -297,18 +300,51 @@
64 self.assertFalse(ret)
65 self.assertFalse('agent_invoked' in data)
66
67- def test_cfg_has_pubkeys(self):
68- odata = {'HostName': "myhost", 'UserName': "myuser"}
69- mypklist = [{'fingerprint': 'fp1', 'path': 'path1'}]
70- pubkeys = [(x['fingerprint'], x['path']) for x in mypklist]
71- data = {'ovfcontent': construct_valid_ovf_env(data=odata,
72- pubkeys=pubkeys)}
73-
74- dsrc = self._get_ds(data)
75- ret = dsrc.get_data()
76- self.assertTrue(ret)
77- for mypk in mypklist:
78- self.assertIn(mypk, dsrc.cfg['_pubkeys'])
79+ def test_cfg_has_pubkeys_fingerprint(self):
80+ odata = {'HostName': "myhost", 'UserName': "myuser"}
81+ mypklist = [{'fingerprint': 'fp1', 'path': 'path1', 'value': ''}]
82+ pubkeys = [(x['fingerprint'], x['path'], x['value']) for x in mypklist]
83+ data = {'ovfcontent': construct_valid_ovf_env(data=odata,
84+ pubkeys=pubkeys)}
85+
86+ dsrc = self._get_ds(data)
87+ ret = dsrc.get_data()
88+ self.assertTrue(ret)
89+ for mypk in mypklist:
90+ self.assertIn(mypk, dsrc.cfg['_pubkeys'])
91+ self.assertIn('pubkey_from', dsrc.metadata['public-keys'][-1])
92+
93+ def test_cfg_has_pubkeys_value(self):
94+ # make sure that provided key is used over fingerprint
95+ odata = {'HostName': "myhost", 'UserName': "myuser"}
96+ mypklist = [{'fingerprint': 'fp1', 'path': 'path1', 'value': 'value1'}]
97+ pubkeys = [(x['fingerprint'], x['path'], x['value']) for x in mypklist]
98+ data = {'ovfcontent': construct_valid_ovf_env(data=odata,
99+ pubkeys=pubkeys)}
100+
101+ dsrc = self._get_ds(data)
102+ ret = dsrc.get_data()
103+ self.assertTrue(ret)
104+
105+ for mypk in mypklist:
106+ self.assertIn(mypk, dsrc.cfg['_pubkeys'])
107+ self.assertIn(mypk['value'], dsrc.metadata['public-keys'])
108+
109+ def test_cfg_has_no_fingerprint_has_value(self):
110+ # test value is used when fingerprint not provided
111+ odata = {'HostName': "myhost", 'UserName': "myuser"}
112+ mypklist = [{'fingerprint': None, 'path': 'path1', 'value': 'value1'}]
113+ pubkeys = [(x['fingerprint'], x['path'], x['value']) for x in mypklist]
114+ data = {'ovfcontent': construct_valid_ovf_env(data=odata,
115+ pubkeys=pubkeys)}
116+
117+ dsrc = self._get_ds(data)
118+ ret = dsrc.get_data()
119+ self.assertTrue(ret)
120+
121+ for mypk in mypklist:
122+ self.assertIn(mypk['value'], dsrc.metadata['public-keys'])
123+
124
125 def test_default_ephemeral(self):
126 # make sure the ephemeral device works
127@@ -642,8 +678,8 @@
128 DataSourceAzure.read_azure_ovf, invalid_xml)
129
130 def test_load_with_pubkeys(self):
131- mypklist = [{'fingerprint': 'fp1', 'path': 'path1'}]
132- pubkeys = [(x['fingerprint'], x['path']) for x in mypklist]
133+ mypklist = [{'fingerprint': 'fp1', 'path': 'path1', 'value': ''}]
134+ pubkeys = [(x['fingerprint'], x['path'], x['value']) for x in mypklist]
135 content = construct_valid_ovf_env(pubkeys=pubkeys)
136 (_md, _ud, cfg) = DataSourceAzure.read_azure_ovf(content)
137 for mypk in mypklist: