pavanaravapalli commented on code in PR #12059:
URL: https://github.com/apache/cloudstack/pull/12059#discussion_r2556417322
##########
server/src/main/java/com/cloud/server/ConfigurationServerImpl.java:
##########
@@ -617,7 +617,9 @@ public void updateKeyPairs() {
// FIXME: take a global database lock here for safety.
boolean onWindows = isOnWindows();
if(!onWindows) {
- Script.runSimpleBashScript("if [ -f " + privkeyfile + " ];
then rm -f " + privkeyfile + "; fi; ssh-keygen -t ecdsa -m PEM -N '' -f " +
privkeyfile + " -q 2>/dev/null || ssh-keygen -t ecdsa -N '' -f " + privkeyfile
+ " -q");
+ if (!privkeyfile.exists() && !pubkeyfile.exists()) {
Review Comment:
@weizhouapache
cc @DaanHoogland
The OR (||) condition doesn’t handle the edge case correctly. We should skip
key generation only when both keys are present. If either one is missing or
both are missing, then generating new keys is the right approach.
I don’t think the second suggestion from Copilot aligns with this
requirement. Also, in practice, it’s unlikely that only one of the keys would
exist, which is why I originally used the AND condition.
"*do nothing when both keys are present; otherwise proceed with key
generation.*" That would fit our intention. I can update this change—let me
know if you'd like me to proceed.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
