Open ghost opened 8 years ago
Your suggestion is to add a comment parameter to the ssh_known_hosts resource type which would add it at the end of line, right?
I was thinking of adding the 'common' parameter to the sshkey resource, so you could for example write:

    sshkey { "foo.example.com":
      ensure  => present,
      type    => "ssh-rsa",
      key     => "AAADEADMEAT",
      comment => "This certificate was added by puppet",
    }

My other request was a change to the known_hosts.aug lens (replace Util.eol with Util.comment_or_eol) to make it tolerate already existing comments in the known_hosts file. This could be implemented, and would be useful, even if the sshkey common parameter for some reason should not be implemented.
For the lens change, I suggest you open a PR against augeas instead.
As for ssh_key, it would be better to get the parameter added to the type in puppet itself. Although it is technically doable with monkey patching, I'd rather avoid it.
To me it looks like the change to the lens to allow comments has already been implemented in the augeas repo (https://github.com/hercules-team/augeas/blob/master/lenses/known_hosts.aug). The augeasproviders_ssh module seems to have a copy of the same file, but maybe an older version? (https://github.com/hercules-team/augeasproviders_ssh/blob/master/lib/augeas/lenses/known_hosts.aug)
Ah right, I will sync the lens with the official version.
Synced in 39c6be93d54ac4796767f98d382039f74125a24a
Thanks.
It would be nice if the augeas lens for the ssh_known_hosts file would tolerate end of line comments on existing entries in the file. The following lens grammar has this feature, so it should be easy to add:
https://github.com/hercules-team/augeas/blob/master/lenses/known_hosts.aug
It would also be great if the sshkey resource would take an optional 'comment' parameter so that comments could be added to new sshkey entries.
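
Added example, not part of the thread and not code from augeas or augeasproviders_ssh: a small Python parser for known_hosts lines that accepts the optional trailing comment discussed above instead of failing on it, and checks that the key field really is a key blob so comment text cannot be mistaken for key material. The field order (optional marker, hostnames, keytype, base64 key, comment) follows sshd(8); the names `Entry`, `parse_line`, `blob_keytype` and `sample_key` are hypothetical, and the key is a constructed, non-functional blob.

```python
import base64
import binascii
import struct
from typing import List, NamedTuple, Optional

MARKERS = ("@cert-authority", "@revoked")  # optional first field per sshd(8)

class Entry(NamedTuple):
    marker: Optional[str]
    hosts: List[str]
    keytype: str
    key: str
    comment: Optional[str]

def blob_keytype(key_b64: str) -> str:
    """Return the key type name embedded at the start of the decoded key blob."""
    try:
        blob = base64.b64decode(key_b64, validate=True)
        (n,) = struct.unpack(">I", blob[:4])
        return blob[4:4 + n].decode("ascii")
    except (binascii.Error, struct.error, UnicodeDecodeError) as exc:
        raise ValueError("key field is not a valid SSH key blob") from exc

def parse_line(line: str) -> Optional[Entry]:
    """Parse one known_hosts line; blank and '#' lines yield None."""
    text = line.strip()
    if not text or text.startswith("#"):
        return None
    first = text.split(None, 1)[0]
    marker = first if first in MARKERS else None
    # Split only as far as the key; whatever follows is the free-form comment.
    fields = text.split(None, 4 if marker else 3)
    if marker:
        fields = fields[1:]
    if len(fields) < 3:
        raise ValueError("expected hostnames, keytype and key")
    hosts, keytype, key = fields[:3]
    comment = fields[3] if len(fields) == 4 else None
    if blob_keytype(key) != keytype:
        raise ValueError("keytype field does not match the key blob")
    return Entry(marker, hosts.split(","), keytype, key, comment)

def sample_key(keytype: str = "ssh-ed25519") -> str:
    """Constructed, non-functional key blob: type name plus 32 zero bytes."""
    name = keytype.encode()
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", 32) + bytes(32)
    return base64.b64encode(blob).decode()

if __name__ == "__main__":
    line = f"foo.example.com ssh-ed25519 {sample_key()} This certificate was added by puppet"
    print(parse_line(line))
```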