cloud-init

Merge ~powersj/cloud-init:cii-ssh-keyname into cloud-init:master

  1. Git
  2. lp:~powersj/cloud-init
  3. cii-ssh-keyname
  4. Merge into master
Proposed by Joshua Powers
Status: Merged
Approved by: Scott Moser
Approved revision: 792fa73d40d2058935deb67650167bfefe0085a8
Merged at revision: 792fa73d40d2058935deb67650167bfefe0085a8
Proposed branch: ~powersj/cloud-init:cii-ssh-keyname
Merge into: cloud-init:master
Diff against target: 28 lines (+3/-3)
2 files modified
tests/cloud_tests/platforms.yaml (+2/-2)
tests/cloud_tests/platforms/platforms.py (+1/-1)
Reviewer Review Type Date Requested Status
Scott Moser Approve
Server Team CI bot continuous-integration Approve
Review via email: mp+335855@code.launchpad.net

Commit message

tests: rename test ssh keys to avoid appearance of leaking private keys.

While the generated ssh keys are throw away keys, generating SSH keys
with the default name (e.g. id_rsa) can trigger security scanners or
draw unnecessary attention.

The change here simply renames 'id_rsa' to 'cloud_init_rsa' to avoid
a false positive reported by a scanning tool.

To post a comment you must log in.
Revision history for this message
Server Team CI bot (server-team-bot) wrote :

PASSED: Continuous integration, rev:792fa73d40d2058935deb67650167bfefe0085a8
https://jenkins.ubuntu.com/server/job/cloud-init-ci/675/
Executed test runs:
    SUCCESS: Checkout
    SUCCESS: Unit & Style Tests
    SUCCESS: Ubuntu LTS: Build
    SUCCESS: Ubuntu LTS: Integration
    SUCCESS: MAAS Compatability Testing
    IN_PROGRESS: Declarative: Post Actions

Click here to trigger a rebuild:
https://jenkins.ubuntu.com/server/job/cloud-init-ci/675/rebuild

review: Approve (continuous-integration)
Revision history for this message
Scott Moser (smoser) wrote :

So some tool just didn't like a file existing with the name 'id_rsa' ?
that seems overly simplistic and not entirely useful. I personally don't like files named "cubs-stink", but if some program creates them, I dont ask that program to change its behaviors.

Anyway..

Can we at least mention *what* was complaining rather than just "comply with a request".

Revision history for this message
Joshua Powers (powersj) wrote :

Updated commit message

Revision history for this message
Scott Moser (smoser) :
review: Approve

There was an error fetching revisions from git servers. Please try again in a few minutes. If the problem persists, contact Launchpad support.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/tests/cloud_tests/platforms.yaml b/tests/cloud_tests/platforms.yaml
2index cb1c904..448aa98 100644
3--- a/tests/cloud_tests/platforms.yaml
4+++ b/tests/cloud_tests/platforms.yaml
5@@ -6,8 +6,8 @@ default_platform_config:
6 get_image_timeout: 300
7 # maximum time to create instance (before waiting for cloud-init)
8 create_instance_timeout: 60
9- private_key: id_rsa
10- public_key: id_rsa.pub
11+ private_key: cloud_init_rsa
12+ public_key: cloud_init_rsa.pub
13 platforms:
14 ec2:
15 enabled: true
16diff --git a/tests/cloud_tests/platforms/platforms.py b/tests/cloud_tests/platforms/platforms.py
17index d4e5c56..1542b3b 100644
18--- a/tests/cloud_tests/platforms/platforms.py
19+++ b/tests/cloud_tests/platforms/platforms.py
20@@ -33,7 +33,7 @@ class Platform(object):
21
22 def _generate_ssh_keys(self, data_dir):
23 """Generate SSH keys to be used with image."""
24- filename = os.path.join(data_dir, 'id_rsa')
25+ filename = os.path.join(data_dir, self.config['private_key'])
26
27 if os.path.exists(filename):
28 c_util.del_file(filename)

Subscribers

People subscribed via source and target branches