Closed (ben-grande closed this 3 months ago)
> source_hash_sig
> When source is a remote file source, source_hash is a file, skip_verify is not true and use_etag is not true, ensure a valid GPG signature exists on the source hash file. Set this to true for an inline (clearsigned) signature, or to a file URI retrievable by :py:func:`cp.cache_file` for a detached one.
>
> Note: A signature on the source_hash file is enforced regardless of changes since its contents are used to check if an existing file is in the correct state - but only for remote sources! As for signature, existing target files will not be modified, only the cached source_hash and source_hash_sig files will be removed.
Not doing signature verification because the file is local is not great; it impacts split setups where one qube downloads the file and the other has the archive and shasum locally.
Because Qusal has no use for this now, as tarballs are only used in split setups where a different qube downloads than the one verifying, these capabilities don't have any use at this moment, but it is good to be aware of them anyway.
Current problem (if any)

PGP verification is done with `cmd.run` due to the unavailability of options in `gpg.verify` and `archive.extracted`. In Salt 3007.0, new options have been added to these modules regarding PGP signature verification, most notably: `signed_by_any`, `signed_by_all`, `gnupghome` and `keyring`. The `source_hash_sig`
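As an added illustration (not code from the Qusal repository or from this issue), here is what the two approaches look like side by side in an SLS file; all state IDs, paths, URLs and the key fingerprint are assumptions, and the `archive.extracted` options are the 3007.0 ones named above:

```yaml
# Added example, not Qusal code. Every path, URL, fingerprint and state ID
# below is a placeholder chosen for illustration.

# Before: the cmd.run workaround. gpg does the verification in a shell, so
# Salt only sees an exit code and the hash file is not tied to the archive
# state that consumes it.
verify-release-sha256-sig:
  cmd.run:
    - name: >-
        gpg --homedir /etc/salt/gpg
        --verify /var/cache/salt/release.tar.gz.sha256.asc
        /var/cache/salt/release.tar.gz.sha256

# After (Salt >= 3007.0): archive.extracted verifies the detached signature
# on the remote hash file itself. Per the documentation quoted above this
# only happens when source_hash is a remote file and skip_verify / use_etag
# are not set; a local hash file would not be checked.
release-archive:
  archive.extracted:
    - name: /opt/release
    - source: https://example.invalid/release.tar.gz
    - source_hash: https://example.invalid/release.tar.gz.sha256
    # File URI of the detached signature over the hash file; "true" would
    # mean the hash file is clearsigned inline instead.
    - source_hash_sig: https://example.invalid/release.tar.gz.sha256.asc
    # Restrict which key may sign: a dedicated keyring plus an explicit
    # fingerprint, rather than whatever happens to be in the default home.
    - keyring: /etc/salt/keyrings/release.gpg
    - gnupghome: /etc/salt/gpg
    - signed_by_any:
      - 0123456789ABCDEF0123456789ABCDEF01234567
```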
Proposed solution

Evaluate if it is worth the change.

Sequoia has the GNUPG interface through `chameleon`, but `gpg.verify` does not appear to have a way to specify the `gpg` binary; in any case, `chameleon` is not available in Debian yet, it is on Fedora though. When we migrate to Sequoia completely instead of GNUPG, unless Salt supports Sequoia, we are back to `cmd.run` as the module for signature verification.

The value to a user, and who that user might be

Cleaner Salt output, fewer workarounds with `cmd.run`. Potentially a more tested program.