Skip to content

roachprod: distribute authorized_keys to creating user on gce#37438

Merged
craig[bot] merged 1 commit intocockroachdb:masterfrom
ajwerner:ajwerner/distribute-authorized-keys-for-creating-user-on-gce
Jun 4, 2019
Merged

roachprod: distribute authorized_keys to creating user on gce#37438
craig[bot] merged 1 commit intocockroachdb:masterfrom
ajwerner:ajwerner/distribute-authorized-keys-for-creating-user-on-gce

Conversation

@ajwerner
Copy link
Copy Markdown
Contributor

@ajwerner ajwerner commented May 10, 2019

Previously in #35759 logic was added to read public keys from the gce project
metadata and distribute them into the authorized_keys file of the shared user
(ubuntu) on AWS. #37077 primarily served to distribute known_hosts files to
the shared user (ubuntu) on both AWS and GCE as well as the creating user on GCE.
That change also included logic to write the authorized_keys file to the shared
user on GCE (as opposed to just AWS) in anticipation of switching roachprod to
use the shared user across cloud providers. This change extends the previous
change by also distributing all public keys to the authorized_keys file for the
cluster creating user on GCE.

Release note: None

@ajwerner ajwerner requested a review from andreimatei May 10, 2019 05:37
@cockroach-teamcity
Copy link
Copy Markdown
Member

cockroach-teamcity commented May 10, 2019

This change is Reviewable

andreimatei
andreimatei approved these changes May 16, 2019
View reviewed changes
Copy link
Copy Markdown
Contributor

@andreimatei andreimatei left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM thanks!
What's left for us to start using the shared used on GCE too, for uniformity with AWS (and because it seems saner)? Could "we" just do it here? :)

Reviewable status: :shipit: complete! 0 of 0 LGTMs obtained (waiting on @ajwerner and @andreimatei)

pkg/cmd/roachprod/install/cluster_synced.go, line 701 at r1 (raw file):

			sess.SetStdin(bytes.NewReader(c.AuthorizedKeys))

			const cmd = `

mind sprinkling some comments around here about what's going on?

roachprod: distribute authorized_keys to creating user on gce
dc83597 
Previously in cockroachdb#35759 logic was added to read public keys from the gce project
metadata and distribute them into the authorized_keys file of the shared user
(ubuntu) on AWS. cockroachdb#37077 primarily served to distribute known_hosts files to
the shared user (ubuntu) on both AWS and GCE as well as the creating user on GCE.
That change also included logic to write the authorized_keys file to the shared
user on GCE (as opposed to just AWS) in anticipation of switching roachprod to
use the shared user across cloud providers. This change extends the previous
change by also distributing all public keys to the authorized_keys file for the
cluster creating user on GCE.

Release note: None
ajwerner
ajwerner commented Jun 4, 2019
View reviewed changes
Copy link
Copy Markdown
Contributor Author

@ajwerner ajwerner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewable status: :shipit: complete! 0 of 0 LGTMs obtained (waiting on @andreimatei)

pkg/cmd/roachprod/install/cluster_synced.go, line 701 at r1 (raw file):

Previously, andreimatei (Andrei Matei) wrote…

mind sprinkling some comments around here about what's going on?

Done.

@ajwerner ajwerner force-pushed the ajwerner/distribute-authorized-keys-for-creating-user-on-gce branch from f94f5ef to dc83597 Compare June 4, 2019 20:43
@ajwerner
Copy link
Copy Markdown
Contributor Author

ajwerner commented Jun 4, 2019

bors r+

craig bot pushed a commit that referenced this pull request Jun 4, 2019
Merge #37438
832e79a 
37438: roachprod: distribute authorized_keys to creating user on gce r=ajwerner a=ajwerner

Previously in #35759 logic was added to read public keys from the gce project
metadata and distribute them into the authorized_keys file of the shared user
(ubuntu) on AWS. #37077 primarily served to distribute known_hosts files to
the shared user (ubuntu) on both AWS and GCE as well as the creating user on GCE.
That change also included logic to write the authorized_keys file to the shared
user on GCE (as opposed to just AWS) in anticipation of switching roachprod to
use the shared user across cloud providers. This change extends the previous
change by also distributing all public keys to the authorized_keys file for the
cluster creating user on GCE.

Release note: None

Co-authored-by: Andrew Werner <ajwerner@cockroachlabs.com>
@craig
Copy link
Copy Markdown
Contributor

craig bot commented Jun 4, 2019

Build succeeded

@craig craig bot merged commit dc83597 into cockroachdb:master Jun 4, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@andreimatei andreimatei andreimatei approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ajwerner @cockroach-teamcity @andreimatei