Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

openssh_keypair - Add diff support and general cleanup #260

Merged
merged 10 commits into from
Aug 18, 2021
Merged

openssh_keypair - Add diff support and general cleanup #260

merged 10 commits into from
Aug 18, 2021

Conversation

Ajpantuso
Copy link
Collaborator

SUMMARY

Adds diff support for openssh_keypair as well as enhances file overwriting operations to preserve and restore from backup in the event of failure. Also integrates both of the openssh_* modules to ensure consistency.

ISSUE TYPE
  • Feature Pull Request
COMPONENT NAME

plugins/modules/openssh_cert.py
plugins/modules/openssh_keypair.py

ADDITIONAL INFORMATION

Fixes some issues for file permissions as well:

  • openssh_keypair - ssh-keygen preserves the original files permissions when overwriting and these changes ensure the cryptography backend does the same.
  • both modules - Ensures that atomic_move is replaced with preserved_copy when no file exists at the destination to prevent a potentially secure file from being updated with permissions from the parent directory's mask.

@Ajpantuso Ajpantuso changed the title [WIP] openssh_keypair - Add diff support and general cleanup openssh_keypair - Add diff support and general cleanup Aug 4, 2021
@Ajpantuso Ajpantuso marked this pull request as ready for review August 4, 2021 22:31
This was referenced Aug 8, 2021
Closed
Closed
@felixfontein
Copy link
Contributor

Please note that ansible-test's recently updated pylint reports some failures for this PR.

@Ajpantuso
Copy link
Collaborator Author

Please note that ansible-test's recently updated pylint reports some failures for this PR.

Addressed with the latest commit.

felixfontein
felixfontein reviewed Aug 17, 2021
View reviewed changes
Copy link
Contributor

@felixfontein felixfontein left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! I mainly have a few comments on some helpers.

plugins/module_utils/openssh/backends/common.py Show resolved Hide resolved
plugins/module_utils/openssh/backends/common.py Outdated Show resolved Hide resolved
plugins/module_utils/openssh/backends/common.py Outdated Show resolved Hide resolved
plugins/module_utils/openssh/backends/common.py Show resolved Hide resolved
@Ajpantuso
Copy link
Collaborator Author

Looks good! I mainly have a few comments on some helpers.

Done, I had also moved around some method definitions to make the classes more readable, but no functional changes in the last two commits.

@felixfontein felixfontein merged commit 08ada24 into ansible-collections:main Aug 18, 2021
@felixfontein
Copy link
Contributor

@Ajpantuso thanks a lot for implementing this!

@Ajpantuso Ajpantuso deleted the openssh_keypair_cleanup branch August 18, 2021 10:32
@renovate renovate bot mentioned this pull request Aug 30, 2021
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@felixfontein felixfontein felixfontein approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Ajpantuso @felixfontein