cloud-init

Merge lp:~darkmuggle-deactivatedaccount/cloud-init/lp1506244-ssh-key-value into lp:~cloud-init-dev/cloud-init/trunk

  1. lp1506244-ssh-key-value
  2. Merge into trunk
Proposed by Ben Howard
Status: Merged
Merged at revision: 1149
Proposed branch: lp:~darkmuggle-deactivatedaccount/cloud-init/lp1506244-ssh-key-value
Merge into: lp:~cloud-init-dev/cloud-init/trunk
Diff against target: 137 lines (+65/-21)
2 files modified
cloudinit/sources/DataSourceAzure.py (+12/-4)
tests/unittests/test_datasource/test_azure.py (+53/-17)
To merge this branch: bzr merge lp:~darkmuggle-deactivatedaccount/cloud-init/lp1506244-ssh-key-value
Reviewer Review Type Date Requested Status
Ben Howard Pending
Review via email: mp+274487@code.launchpad.net

Description of the change

Support SSH values in ovf-env.xml over fingerprints.

To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'cloudinit/sources/DataSourceAzure.py'
--- cloudinit/sources/DataSourceAzure.py 2015-07-22 19:17:10 +0000
+++ cloudinit/sources/DataSourceAzure.py 2015-10-14 23:36:54 +0000
@@ -148,9 +148,15 @@
148 wait_for = [shcfgxml]148 wait_for = [shcfgxml]
149149
150 fp_files = []150 fp_files = []
151 key_value = None
151 for pk in self.cfg.get('_pubkeys', []):152 for pk in self.cfg.get('_pubkeys', []):
152 bname = str(pk['fingerprint'] + ".crt")153 if pk.get('value', None):
153 fp_files += [os.path.join(ddir, bname)]154 key_value = pk['value']
155 LOG.info("ssh authentication: using value from fabric")
156 else:
157 bname = str(pk['fingerprint'] + ".crt")
158 fp_files += [os.path.join(ddir, bname)]
159 LOG.info("ssh authentication: using fingerprint from fabirc")
154160
155 missing = util.log_time(logfunc=LOG.debug, msg="waiting for files",161 missing = util.log_time(logfunc=LOG.debug, msg="waiting for files",
156 func=wait_for_files,162 func=wait_for_files,
@@ -166,7 +172,8 @@
166 metadata['instance-id'] = iid_from_shared_config(shcfgxml)172 metadata['instance-id'] = iid_from_shared_config(shcfgxml)
167 except ValueError as e:173 except ValueError as e:
168 LOG.warn("failed to get instance id in %s: %s", shcfgxml, e)174 LOG.warn("failed to get instance id in %s: %s", shcfgxml, e)
169 metadata['public-keys'] = pubkeys_from_crt_files(fp_files)175
176 metadata['public-keys'] = key_value or pubkeys_from_crt_files(fp_files)
170 return metadata177 return metadata
171178
172 def get_data(self):179 def get_data(self):
@@ -497,7 +504,8 @@
497 for pk_node in pubkeys:504 for pk_node in pubkeys:
498 if not pk_node.hasChildNodes():505 if not pk_node.hasChildNodes():
499 continue506 continue
500 cur = {'fingerprint': "", 'path': ""}507
508 cur = {'fingerprint': "", 'path': "", 'value': ""}
501 for child in pk_node.childNodes:509 for child in pk_node.childNodes:
502 if child.nodeType == text_node or not child.localName:510 if child.nodeType == text_node or not child.localName:
503 continue511 continue
504512
=== modified file 'tests/unittests/test_datasource/test_azure.py'
--- tests/unittests/test_datasource/test_azure.py 2015-07-22 19:17:10 +0000
+++ tests/unittests/test_datasource/test_azure.py 2015-10-14 23:36:54 +0000
@@ -54,10 +54,13 @@
5454
55 if pubkeys:55 if pubkeys:
56 content += "<SSH><PublicKeys>\n"56 content += "<SSH><PublicKeys>\n"
57 for fp, path in pubkeys:57 for fp, path, value in pubkeys:
58 content += " <PublicKey>"58 content += " <PublicKey>"
59 content += ("<Fingerprint>%s</Fingerprint><Path>%s</Path>" %59 if fp and path:
60 (fp, path))60 content += ("<Fingerprint>%s</Fingerprint><Path>%s</Path>" %
61 (fp, path))
62 if value:
63 content += "<Value>%s</Value>" % value
61 content += "</PublicKey>\n"64 content += "</PublicKey>\n"
62 content += "</PublicKeys></SSH>"65 content += "</PublicKeys></SSH>"
63 content += """66 content += """
@@ -297,18 +300,51 @@
297 self.assertFalse(ret)300 self.assertFalse(ret)
298 self.assertFalse('agent_invoked' in data)301 self.assertFalse('agent_invoked' in data)
299302
300 def test_cfg_has_pubkeys(self):303 def test_cfg_has_pubkeys_fingerprint(self):
301 odata = {'HostName': "myhost", 'UserName': "myuser"}304 odata = {'HostName': "myhost", 'UserName': "myuser"}
302 mypklist = [{'fingerprint': 'fp1', 'path': 'path1'}]305 mypklist = [{'fingerprint': 'fp1', 'path': 'path1', 'value': ''}]
303 pubkeys = [(x['fingerprint'], x['path']) for x in mypklist]306 pubkeys = [(x['fingerprint'], x['path'], x['value']) for x in mypklist]
304 data = {'ovfcontent': construct_valid_ovf_env(data=odata,307 data = {'ovfcontent': construct_valid_ovf_env(data=odata,
305 pubkeys=pubkeys)}308 pubkeys=pubkeys)}
306309
307 dsrc = self._get_ds(data)310 dsrc = self._get_ds(data)
308 ret = dsrc.get_data()311 ret = dsrc.get_data()
309 self.assertTrue(ret)312 self.assertTrue(ret)
310 for mypk in mypklist:313 for mypk in mypklist:
311 self.assertIn(mypk, dsrc.cfg['_pubkeys'])314 self.assertIn(mypk, dsrc.cfg['_pubkeys'])
315 self.assertIn('pubkey_from', dsrc.metadata['public-keys'][-1])
316
317 def test_cfg_has_pubkeys_value(self):
318 # make sure that provided key is used over fingerprint
319 odata = {'HostName': "myhost", 'UserName': "myuser"}
320 mypklist = [{'fingerprint': 'fp1', 'path': 'path1', 'value': 'value1'}]
321 pubkeys = [(x['fingerprint'], x['path'], x['value']) for x in mypklist]
322 data = {'ovfcontent': construct_valid_ovf_env(data=odata,
323 pubkeys=pubkeys)}
324
325 dsrc = self._get_ds(data)
326 ret = dsrc.get_data()
327 self.assertTrue(ret)
328
329 for mypk in mypklist:
330 self.assertIn(mypk, dsrc.cfg['_pubkeys'])
331 self.assertIn(mypk['value'], dsrc.metadata['public-keys'])
332
333 def test_cfg_has_no_fingerprint_has_value(self):
334 # test value is used when fingerprint not provided
335 odata = {'HostName': "myhost", 'UserName': "myuser"}
336 mypklist = [{'fingerprint': None, 'path': 'path1', 'value': 'value1'}]
337 pubkeys = [(x['fingerprint'], x['path'], x['value']) for x in mypklist]
338 data = {'ovfcontent': construct_valid_ovf_env(data=odata,
339 pubkeys=pubkeys)}
340
341 dsrc = self._get_ds(data)
342 ret = dsrc.get_data()
343 self.assertTrue(ret)
344
345 for mypk in mypklist:
346 self.assertIn(mypk['value'], dsrc.metadata['public-keys'])
347
312348
313 def test_default_ephemeral(self):349 def test_default_ephemeral(self):
314 # make sure the ephemeral device works350 # make sure the ephemeral device works
@@ -642,8 +678,8 @@
642 DataSourceAzure.read_azure_ovf, invalid_xml)678 DataSourceAzure.read_azure_ovf, invalid_xml)
643679
644 def test_load_with_pubkeys(self):680 def test_load_with_pubkeys(self):
645 mypklist = [{'fingerprint': 'fp1', 'path': 'path1'}]681 mypklist = [{'fingerprint': 'fp1', 'path': 'path1', 'value': ''}]
646 pubkeys = [(x['fingerprint'], x['path']) for x in mypklist]682 pubkeys = [(x['fingerprint'], x['path'], x['value']) for x in mypklist]
647 content = construct_valid_ovf_env(pubkeys=pubkeys)683 content = construct_valid_ovf_env(pubkeys=pubkeys)
648 (_md, _ud, cfg) = DataSourceAzure.read_azure_ovf(content)684 (_md, _ud, cfg) = DataSourceAzure.read_azure_ovf(content)
649 for mypk in mypklist:685 for mypk in mypklist: