canonical / cloud-init

Official upstream for the cloud-init: cloud instance initialization

https://cloud-init.io/

Other

2.91k stars 869 forks source link

User/Group keys with dashes not included in schema #5187

Open TheRealFalcon opened 5 months ago

TheRealFalcon commented 5 months ago

Bug report

Due to some unfortunate old code, every users/groups key in our user data allows for both underscores and dashes. For example, if we define the key as ssh_authorized_keys, then ssh-authorized-keys is also valid.

The schema for all of the user and group properties contains the _ version of the key but not the - version. The schema needs to be updated to allow both while specifying that the - version is deprecated.

https://github.com/canonical/cloud-init/pull/5162 already does this for ssh-authorized-keys, but we should do it for the remaining keys to be consistent.

afbjorklund commented 5 months ago

The ca-certs was fixed earlier, but we weren't using schema back then so it was noticed and changed manually...

commit af7eb1deab12c7208853c5d18b55228e0ba29c4d

Continue to honor deprecated config keys but emit DEPRECATION warnings in logs for continued use of the deprecated keys:

apt_sources key

any apt v1 or v2 keys

use or ca-certs or ca_certs.remove-defaults

    "cc_ca_certs": {
      "type": "object",
      "properties": {
        "ca_certs": {
          "$ref": "#/$defs/ca_certs.properties"
        },
        "ca-certs": {
          "allOf": [
            {
              "$ref": "#/$defs/ca_certs.properties"
            },
            {
              "deprecated": true,
              "deprecated_version": "22.3",
              "deprecated_description": "Use ``ca_certs`` instead."
            }
          ]
        }
      }
    },

commit 6296124cc71e9c2503abebf30f7b1e224ab04b6f

CalvoM commented 5 months ago

Tracking at https://warthogs.atlassian.net/browse/SC-1777