Merge ~tsimonq2/ssh-import-id/+git/add-team-support:master into ssh-import-id:master
Status: | Needs review | ||||
---|---|---|---|---|---|
Proposed branch: | ~tsimonq2/ssh-import-id/+git/add-team-support:master | ||||
Merge into: | ssh-import-id:master | ||||
Diff against target: |
32 lines (+14/-1) 1 file modified
ssh_import_id/__init__.py (+14/-1) |
||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Scott Moser | Needs Fixing | ||
Review via email: mp+348434@code.launchpad.net |
Commit message
Add team support to the Launchpad interface (LP: #1745538).
Description of the change
This adds team support to the Launchpad interface for ssh-import-id.
This is done in fetch_keys because it's the right middle point between calling the function to fetch the keys and actually doing it.
It logs into Launchpad anonymously, checks if the ID is valid (and errors out if it isn't), and checks to see if it's a team. If it is a team, it recursively gets the SSH key for every member of the team who has an active Launchpad account (which doesn't include other teams, but could be implemented in the future). If it isn't a team, it just does what it normally does.
If it matters, I have signed the Canonical CLA.
Thanks, and I look forward to your feedback.
Well, I like the idea of adding group support.
Unfortunately, I don't have a better solution that provides the desired functionality.
Perhaps we could require '--team' or 'lp:team-myteam' or some other way of indicating that the input is a team. Then we could opportunistically import Launchpadlib and take that path for the team. If the import failed give a reasonable error.
What I'm not so happy about in this implementation is:
a.) the existing user case pays a speed penalty launchpad import Launchpad' --number=3 --repeat=1 'Launchpad. login_anonymous ly("ssh- import- id", "production", version="devel")'
$ time python3 -m timeit --setup='from launchpadlib.
3 loops, best of 1: 1.07 sec per loop
b.) added dependency on Launchpadlib is pretty large. launchpadlib | grep Depen lazr.restfulcli ent (>= 0.11.2), python3-lazr.uri (>= 1.0.2-4~), python3-simplejson, python3-wadllib, python3:any (>= 3.3.2-2~)
$ apt-cache show python3-
Depends: python3-httplib2 (>= 0.4.0), python3-keyring (>= 0.5), python3-
In a standard cloud image, that ends up getting 10 new packages and 2.6M new paste.ubuntu. com/p/2sMhtw7K2 d/
disk footprint (in bionic). http://
c.) version='devel'.
I think this is basically saying "give me the latest api". Which is kind of a guarantee that it will be broken at some point. Using a 'devel' or 'latest' version of anything isn't really acceptable for something that is expected to continue to work for any reasonable amount of time (such as that of an Ubuntu LTS).
What do you think?