-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Add support for the ssh_key parameter for credentials #247
Conversation
927d914
to
f3e4039
Compare
Codecov Report
@@ Coverage Diff @@
## main #247 +/- ##
==========================================
- Coverage 93.86% 93.55% -0.31%
==========================================
Files 67 67
Lines 2802 2841 +39
==========================================
+ Hits 2630 2658 +28
- Misses 172 183 +11
... and 2 files with indirect coverage changes 📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
272a570
to
d79331b
Compare
aa35328
to
ef0a512
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I like the approach, I couldn't think of a better way to handle the limitation of running the CLI on a container.
Unfortunately the UX is not great, but honestly I think this is the best we can have while distributing the CLI as a container...
ef0a512
to
2c6ef7a
Compare
01c4e65
to
a770451
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the hard work =D 👏🏽
BTW, I experimented with these changes and I think the UX is pretty solid 👍🏽 👍🏽 👍🏽
ea334d3
to
2066a9a
Compare
- Allows us to specify an ssh_key instead of a password or ssh_keyfile. - It is supported for both credential creation and edits. - Reducing the complexity of get_password by breaking out the logic for the individual credential attributes into their own functions. - Updated the input for sshkey to support entering data via stdin/heredoc. This requires running podman without the -t (attach tty) option. Note that not attaching a tty, one cannot enter password like parameters (password, sshpassphrase, etc), so a tty check is added to verify and enforce such cases.
- in preparation for adding the ssh_key credential tests updated the cred tests from unittest to pytest.
- Adding ssh_key related tests for the credentials add and edit CLI.
- updated the qpc man page for the new --sshkey option of the ssh_key credential attribute.
- Renaming the qpc tests from their tests_* unittest names to the pytest tests_* convention.
- combining password, become_password and ssh_passphrase to use a common _get_attribute_value method.
2066a9a
to
b0124c4
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
feat: Add support for the ssh_key parameter for credentials
This enhancement is to support Quipucords' quipucords/quipucords#2390
The usage for specifying an ssh key is prompted like the password or SSH Key passphrase. It is a non-echoed multiline input that gets ended with a Control-D.
Similarly with updates where just the credential name and sshkey need to be specified:
When not attaching a tty to the the docker image, the sshkey can be passed to qpc via stdin, either as a pipe to qpc or via a heredoc as follows:
or via a heredoc:
The above methods will work for both credential add or edits.
Note that if an sshkey is sent in via stdin, no other password type parameters can be prompted for by qpc as there will not be a tty attached. If both an sshkey and an sshpassphrase need to be entered in the same qpc command execution, this must be done with a tty attached, so no stdin pipe allowed for the sshkey. Automating such cases may require the use of expect with qpc or using the quipucords API directly.
Note: once this is a go, tests need to be added and the man page will also be updated in this PR.
To-do's: