[jira] Commented: (WHIRR-70) decouple keypairs from the files that hold them

[Tom White (JIRA)]

    [ 
https://issues.apache.org/jira/browse/WHIRR-70?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12899017#action_12899017
 ] 

Tom White commented on WHIRR-70:
--------------------------------

This looks good. Comments:
* The setPrivateKey/setPublicKey methods on ClusterSpec that take a Payload are 
not used and can be removed.
* There seem to be quite a lot of whitespace changes which make it hard to 
follow what's changed and make some lines more than 80 characters long. If 
there are formatting changes that need making it's often better to have a 
single wholesale patch for them. Also, it's worth running {{mvn 
checkstyle:checkstyle}} to be sure you haven't introduced any formatting 
problems.
* Nit. Can we organize the imports alphabetically?

> decouple keypairs from the files that hold them
> -----------------------------------------------
>
>                 Key: WHIRR-70
>                 URL: https://issues.apache.org/jira/browse/WHIRR-70
>             Project: Whirr
>          Issue Type: Improvement
>            Reporter: Adrian Cole
>         Attachments: WHIRR-70.patch
>
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> Currently, we have a method in ClusterSpec called setSecretKeyFile.  The 
> intention of this is to pass in the rsa identity used for ssh authentication 
> on the cloud nodes.  While this is generally on-disk, users may want to pass 
> this in from another source, for example an encrypted databag.
> I suggest we remove the methods in ClusterSpec that are File based, and push 
> the responsibility for reading files to the user.  Instead, I suggest we 
> offer methods that accept PEM strings for the public and private keys.  That 
> way, the user can get their keys from files, remote servers, keystores, or 
> anywhere, and we don't have an opinion precluding any of that.  Moreover, we 
> rid ourselves the need to write files.
> ex.  
> instead of 
>     clusterSpec.setSecretKeyFile(System.getProperty("user.home") + 
> "/.ssh/id_rsa");
> The user would do
>     clusterSpec.setPrivateKeyPem(Files.toString(new 
> File(System.getProperty("user.home") + "/.ssh/id_rsa"), Charsets.UTF_8));
> Or, we could have a utility method which would call Files.toString:
>     clusterSpec.setPrivateKeyPemFile(new File(System.getProperty("user.home") 
> + "/.ssh/id_rsa"));
> Bottom line is that we shouldn't require these pems to be on-disk, as they 
> are not always on-disk.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.