Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add comment parameter to openssl_publickey #56149

Open
wants to merge 1 commit into
base: devel
from

Conversation

Projects
None yet
3 participants
@tterranigma
Copy link
Contributor

commented May 6, 2019

SUMMARY

This adds a new parameter to the openssl_publickey module that allows the user to have a comment at the end of the public key, similar to the -C option of ssh-keygen.

ISSUE TYPE
  • Feature Pull Request
COMPONENT NAME

openssl_publickey

@ansibot

This comment has been minimized.

@felixfontein
Copy link
Contributor

left a comment

First of all, how should this look like for PEM (OpenSSL) keys?

Then:

  • Idempotency checks are missing.
  • You should add integration tests for this.
  • You should add some validations, like disallowing \n in comments for OpenSSH keys. Also, what should be returned in absence of comments? Currently you're returning undefined.
description:
- A comment to append to the public key
type: str
version_added: "2.8"

This comment has been minimized.

Copy link
@felixfontein

felixfontein May 7, 2019

Contributor
Suggested change
version_added: "2.8"
version_added: "2.9"

No new features are accepted for Ansible 2.8.

@@ -288,6 +299,9 @@ def dump(self):
if self.backup_file:
result['backup_file'] = self.backup_file

if self.pubkey_comment:
result['comment'] = self.pubkey_comment

This comment has been minimized.

Copy link
@felixfontein

felixfontein May 7, 2019

Contributor

You need to document this in return values if you return it.

@@ -214,6 +221,10 @@ def generate(self, module):

if self.backup:
self.backup_file = module.backup_local(self.path)

if self.pubkey_comment is not None:
publickey_content = publickey_content + (" " + self.pubkey_comment).encode('utf-8')

This comment has been minimized.

Copy link
@felixfontein

felixfontein May 7, 2019

Contributor

I think this only makes sense for OpenSSH keys. For OpenSSL PEM keys, you don't want to append text in the same line directly after ----- END PUBLIC KEY -----.

@ansibot ansibot removed the needs_triage label May 7, 2019

@ansibot ansibot added the stale_ci label May 16, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.