Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow setup-gpg.sh --import to receive, trust, and add to configure multiple public keys at once #421

Merged
merged 2 commits into from
Oct 27, 2023

Conversation

P-EB
Copy link
Contributor

@P-EB P-EB commented Sep 29, 2023

Hello,

While the whole bastion logic seems to allow for multiple admin keys, the import system doesn't allow for it as it only keeps the latest added key, only trusts this one and then add it to the rsync/backup configurations (and refuses to run more than once as soon as these configurations exist).

While it's not perfect as it doesn't handle the multiple layers considered in the rsync system, this patch should give bastion users plenty more flexibility to handle admin keys addition.

bin/admin/setup-gpg.sh Outdated Show resolved Hide resolved
bin/admin/setup-gpg.sh Outdated Show resolved Hide resolved
@speed47
Copy link
Collaborator

speed47 commented Oct 3, 2023

You might want to rebase over current master, which will give you nice tools for a dev environment, including pre-commit hooks to ensure that your code validates perlcritic/perltidy/shellcheck locally :)

Corresponding doc is here https://ovh.github.io/the-bastion/development/setup.html#git-pre-commit-hook

I'm interested in hearing about any feedback you may have on this, it's supposed to be pretty quick to setup!

@P-EB P-EB force-pushed the feature/handle_multiple_admin_keys branch from 0fc9fd7 to a226b9c Compare October 12, 2023 14:32
@P-EB
Copy link
Contributor Author

P-EB commented Oct 12, 2023

You might want to rebase over current master, which will give you nice tools for a dev environment, including pre-commit hooks to ensure that your code validates perlcritic/perltidy/shellcheck locally :)

Corresponding doc is here https://ovh.github.io/the-bastion/development/setup.html#git-pre-commit-hook

I'm interested in hearing about any feedback you may have on this, it's supposed to be pretty quick to setup!

Thanks!

I've enabled the hook now, I'll see how it behaves in the next commits. :)

@P-EB P-EB force-pushed the feature/handle_multiple_admin_keys branch from a226b9c to d9431b6 Compare October 16, 2023 14:55
@speed47 speed47 added the tests:full Launch full tests through GitHub Actions label Oct 23, 2023
@speed47 speed47 force-pushed the feature/handle_multiple_admin_keys branch from ca7eb5b to 6ff1990 Compare October 25, 2023 09:09
@speed47
Copy link
Collaborator

speed47 commented Oct 27, 2023

FreeBSD workflow is broken due to the GitHub vmactions workflow being stuck in a boot loop as can be seen here vmactions/freebsd-vm#74 .
Will fix this in another PR.

@speed47 speed47 merged commit d3ece7b into ovh:master Oct 27, 2023
14 of 15 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
tests:full Launch full tests through GitHub Actions
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants