Deprecate the users ssh-authorized-keys property

[afbjorklund]

The previous cloud-config still works without any issues, but it doesn't pass validation - not even as deprecated.

Example from https://lima-vm.io default

Currently it does not validate, therefore.

commit b27f713

Proposed Commit Message

fix: deprecate ssh-authorized-keys in schema

Deprecate the users ssh-authorized-keys property

Additional Context

Test Steps

Checklist

• My code follows the process laid out in the documentation
• I have updated or added any unit tests accordingly
• I have updated or added any documentation accordingly

Merge type

• Squash merge using "Proposed Commit Message"
• Rebase and merge unique commits. Requires commit messages per-commit each referencing the pull request number (#<PR_NUM>)

[catmsred]

Thank you for helping improve cloud-init! Your change looks good to me. Have you done any additional testing to ensure that this change unblocks your use case? If so, feel free to add a comment expanding on it.

Additionally, can you also sign the CLA as part of this PR?

[afbjorklund]

Have you done any additional testing to ensure that this change unblocks your use case?

By allowing "ssh-authorized-keys" to pass, the rest of our generated cloud-config now passes.

• Validate generated user-data yaml with jsonschema lima-vm/lima#2267

There are two deprecations, but if I "fix" these they will break with older/other cloud-init...

We did find one bug, where we were passing trusted: null instead of omitting the field.

[afbjorklund]

Found an old report (from 2022), of the same issue.

Closes #3984

[TheRealFalcon]

@afbjorklund , To my knowledge, that isn't a valid key on any supported version of cloud-init. Do you have an example of a cloud-config that works when ssh-authorized-keys is used? If so, can you tell me what version of cloud-init that it works on for you?

Edit: nevermind, I wasn't thinking about the '-' to '_' replacement.

[afbjorklund]

There is still code in cloud-init, that replaces dashes in keys with underscores. I can get you versions, but all major distros at least

EDIT: Such as /usr/bin/cloud-init 23.4.4-0ubuntu0~22.04.1

[TheRealFalcon]

@afbjorklund , thanks for updated info. You are correct. I filed #5187 to fix the remaining keys.

The rest of the PR looks good, but for the CLA, I noticed that you signed the CLA, but haven't yet added yourself to the CLA signers file. As part of this PR, please also add your name (alphabetically) to the CLA signers file. The full details are described in the documentation.

[TheRealFalcon]

LGTM! Assuming CI passes, I'll merge it as-is.

[TheRealFalcon]

Bah, one more CI failure. JSON formatting:

diff --git a/cloudinit/config/schemas/schema-cloud-config-v1.json b/cloudinit/config/schemas/schema-cloud-config-v1.json
index 863c0c200..94a356747 100644
--- a/cloudinit/config/schemas/schema-cloud-config-v1.json
+++ b/cloudinit/config/schemas/schema-cloud-config-v1.json
@@ -361,7 +361,7 @@
           },
           "minItems": 1
         },
-       "ssh-authorized-keys": {
+        "ssh-authorized-keys": {
           "allOf": [
             {
               "type": "array",

[afbjorklund]

Weird, I thought I had updated that stray tab once already....