-
Notifications
You must be signed in to change notification settings - Fork 86
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
openssh_keypair - Add diff support and general cleanup #260
openssh_keypair - Add diff support and general cleanup #260
Conversation
…ng CentOS6 restrictions
ba5f34c
to
8cf4026
Compare
Please note that ansible-test's recently updated pylint reports some failures for this PR. |
Addressed with the latest commit. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good! I mainly have a few comments on some helpers.
Done, I had also moved around some method definitions to make the classes more readable, but no functional changes in the last two commits. |
@Ajpantuso thanks a lot for implementing this! |
SUMMARY
Adds
diff
support foropenssh_keypair
as well as enhances file overwriting operations to preserve and restore from backup in the event of failure. Also integrates both of theopenssh_*
modules to ensure consistency.ISSUE TYPE
COMPONENT NAME
plugins/modules/openssh_cert.py
plugins/modules/openssh_keypair.py
ADDITIONAL INFORMATION
Fixes some issues for file permissions as well:
ssh-keygen
preserves the original files permissions when overwriting and these changes ensure thecryptography
backend does the same.atomic_move
is replaced withpreserved_copy
when no file exists at the destination to prevent a potentially secure file from being updated with permissions from the parent directory's mask.