Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

gpg.export_key add output and bare functionality #62979

Merged
merged 12 commits into from
Nov 9, 2022
Merged

gpg.export_key add output and bare functionality #62979

merged 12 commits into from
Nov 9, 2022

Conversation

leifliddy
Copy link
Contributor

What does this PR do?

It adds output and bare functionality to the export_key gpg function

What issues does this PR fix or reference?

Fixes: #62978

Merge requirements satisfied?

[NOTICE] Bug fixes or features added to Salt require tests.

Commits signed with GPG?

Yes

@leifliddy leifliddy requested a review from a team as a code owner October 30, 2022 15:00
@leifliddy leifliddy requested review from whytewolf and removed request for a team October 30, 2022 15:00
@leifliddy
updated test_gpg tests
c8491af 
A passphrase is needed to export an encrypted gpg private key
A passphase is not need to export a public key
The tests have been updated to reflect that fact.
One test was removed as it was attempting to export a private key
without pillar (but it was in fact using pillar to do that)
@leifliddy
corrected minor typo
4da5dc9
@leifliddy leifliddy changed the title add output and bare functionality add output and bare functionality to GPG export_keys Oct 30, 2022
@leifliddy
Copy link
Contributor Author

leifliddy commented Oct 30, 2022
edited
Loading

Note:

  1. A passphrase is not needed to export a public key -- it's only needed to export an encrypted private (aka secret) key.
    The logic in gpg module and tests has been updated to reflect that.
  2. The gpg function export_keys only returns string data and not a result object. Since we can't query result.status, we must infer whether export_keys was successful of not by simply checking to see whether it returned anything. It's pretty basic, but it's better then nothing. It's the same thing you'll encounter when exporting a key with gpg on the cmd line. Because of this, I thought it was best to keep the tests the same and have them all use bare=True so they can continue to inspect the returned data (vs checking to whether res is True)
  3. The benefit this PR provides is the ability to export keys to disk vs simply displaying them on the screen.
  4. This PR was recently merged: Add ability to export key(s) to a file.  vsajip/python-gnupg#212
    This will allow the gpg export_keys function to write key data directly to disk.
    We can use this functionality at some point in the future so we could avoid having to write the key data to disk ourselves.
with salt.utils.files.flopen(output, "w") as fout:
    fout.write(salt.utils.stringutils.to_str(result))

@leifliddy leifliddy changed the title add output and bare functionality to GPG export_keys gpg.export_key add output and bare functionality Nov 1, 2022
@leifliddy
Copy link
Contributor Author

Update:
I need to rebase my changes to this PR as I submitted multiple gpg.py PRs at once.
I'd like to wait until this PR gets approved #62977 before doing that so I don't have to rebase this PR multiple times.

@Ch3LL
Copy link
Contributor

Ch3LL commented Nov 7, 2022

is this ready for review?

@leifliddy
Copy link
Contributor Author

Yes, could you please review it and let me know what you think?

Ch3LL
Ch3LL suggested changes Nov 8, 2022
View reviewed changes
salt/modules/gpg.py Show resolved Hide resolved
salt/modules/gpg.py Outdated Show resolved Hide resolved
salt/modules/gpg.py Show resolved Hide resolved
salt/modules/gpg.py Show resolved Hide resolved
@leifliddy
Copy link
Contributor Author

@Ch3LL Ok I just pushed the requested changes except for the file write one. Could you please review my comment on that when you can?

@Ch3LL Ch3LL merged commit b91a6aa into saltstack:master Nov 9, 2022
@leifliddy leifliddy deleted the export_keys branch November 12, 2022 15:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Ch3LL Ch3LL Ch3LL approved these changes

@whytewolf whytewolf Awaiting requested review from whytewolf whytewolf was automatically assigned from saltstack/team-core

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[FEATURE REQUEST] add output and bare args to export_key gpg function
2 participants
@leifliddy @Ch3LL