This diff introduces support for pubkey, which is added through cloud-init. WIP, open for discussion.
Details
Diff Detail
- Repository
- rTCLOUD testcloud
- Branch
- feature/pubkey
- Lint
Lint OK - Unit
Unit Tests OK - Build Status
Buildable 123 Build 123: arc lint + arc unit
testcloud/config.py | ||
---|---|---|
94 | isn't the password valid for fedora user? |
Other than the root-as-default bit, it looks pretty good to me.
The other thing I'm wondering is if --username, --password and --pubkey options should be added to the CLI. If so, that could be done as another ticket.
testcloud/config.py | ||
---|---|---|
94 | I don't think that root is an appropriate default. It's what we end up using in Taskotron but I don't see a reason to deviate from the default in the cloud WG in testcloud |
I almost forgot - the config changes should go into conf/settings-example.py as well with some sane defaults
This is partially covered by the --ssh user@machine option, mainly for debugging reasons. In production, I would expect the taskotron to specify username (and password) for me.
Regarding the --pubkey option, we could use --ssh-privkey option and expect the public key to be named same as privkey only with .pub suffix. I think it is the most common naming and we can always implement --pubkey later. Or do I miss something and inferring pubkey name from privkey is bad idea?
sorry, missed this the first time around
testcloud/instance.py | ||
---|---|---|
117 | now that I'm looking at this again, I don't like having bits that can throw exceptions in constructors please move the file opening bits outside the constructor or wrap it in try/except and log the error. |
testcloud/instance.py | ||
---|---|---|
117 | I don't know the code much, but this comment caught my attention, so I searched a bit for Python guidelines about exceptions in constructors. I've found this: After reading it, it seems obviously OK to raise stuff like ValueError for invalid parameter values. Reading a file and potentially raising an IOError (or maybe even something else, not sure what can all happen during .read()), is something a bit different, but for very short files (like pubkeys), I find it quite similar to just an invalid parameter value. So I wouldn't mind. But the exception should be definitely documented in a docstring, so people can guard against it. Or, if it can potentially raise multiple errors, or we want to make it easy for people to handle testcloud errors, it could be wrapped in a try-except (even blank except) block and raised as a custom testcloud error. What I wouldn't do is just to log the error and fall back to pubkey=None. The user explicitly requested a particular pubkey to work, it should fail if we can't make it happen. The other possible approach is to move the file reading code to the actual method that uses it (I guess that's _create_user_data). It will not raise during constructor init, which I find helpful (faster class initialization, no potentially intensive code run in init) and unhelpful (it's better to fail early than late, it wastes user's time and it's much harder to tear down stuff later on). So, that was just me pondering about this. |
I'm still unsure about the need for this change - since you can do this yourself in the config file (it'll take any valid cloud-init data), totally side stepping the need for reading in a file. But my reservations aren't enough to say no to it. It just means there are now 2 places you can do this from which could potentially add to debug time when helping users troubleshoot.
Overall, the change looks good. I don't personally see a reason to not allow exceptions to be raised in init, and the arguments from @kparal's link were compelling.
isn't the password valid for fedora user?