-
Notifications
You must be signed in to change notification settings - Fork 4.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding support for adding ssh public key from file #3245
Conversation
Hi @mad01. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
should be good to go. Did a new PR since i broke something in git on the old one. |
Looks good but two thoughts... Not sure if we discussed them on the previous PR or not: The username isn't used afaict. And it won't do anything so it might just cause confusion. I like the idea, but I'm thinking we add it when we can make it work? Or we could move it out of spec and into status. SshSecret implies it is secret, but the public key isn't. I'm thinking either SshCredential, or SshKey or ClusterKey because key is ambiguous. Or ClusterSecret, and we put more secrets in the same api object. Actually though neither of these is significant enough to block the PR, but I wanted to get your thoughts |
/ok-to-test |
/retest |
Flakiness is being tracked in upstream issue: kubernetes/kubernetes#51128, hopefully fixed by kubernetes/kubernetes#51144 |
/retest |
@justinsb right. It's true it's not actually a secret, your idea of changing the name makes since to something like SshCredential. I rather change it in this PR. Do you mean that the username can just be that i set to admin can just me a static string of |
@justinsb update the PR to not use secret, i changed it to SSHCredential. if i understand it correctly the username it static to admin. from my understanding it should be ok for now to set the key in AddSSHPublicKey to new example file would be apiVersion: kops/v1alpha2
kind: SSHCredential
metadata:
labels:
kops.k8s.io/cluster: dev.k8s.example.com
spec:
publicKey: "ssh-rsa AAAAB3NzaC1 dev@devbox" |
Thanks @mad01. On AWS, the SSH public key is currently only set in the user data, and then it is up to the AMI to configure it for whatever account makes sense. debian uses The name of the SSH public key as stored by kops is /lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: justinsb, mad01 The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
/test all [submit-queue is verifying that this PR is safe to merge] |
Automatic merge from submit-queue |
MVP implementation of adding secret from file related to #2195
kops create -f secret.yaml