Do not generate the ganeti_pub_keys file with --no-ssh-init
authorHrvoje Ribicic <riba@google.com>
Wed, 18 Nov 2015 14:58:51 +0000 (14:58 +0000)
committerHrvoje Ribicic <riba@google.com>
Fri, 20 Nov 2015 10:14:10 +0000 (11:14 +0100)
Prior to this patch, gnt-cluster renew-crypto still created the
ganeti_pub_keys file regardless of whether the cluster was initiated
with --no-ssh-init or not. Instead, query the matching config parameter
and build the file only if Ganeti manages SSH keys.

Signed-off-by: Hrvoje Ribicic <riba@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>

lib/client/gnt_cluster.py
test/py/ganeti.client.gnt_cluster_unittest.py

index 618415b..2de389e 100644 (file)
@@ -1212,18 +1212,24 @@ def _BuildGanetiPubKeys(options, pub_key_file=pathutils.SSH_PUB_KEYS, cl=None,
   """Recreates the 'ganeti_pub_key' file by polling all nodes.
 
   """
+
+  if not cl:
+    cl = GetClient()
+
+  (cluster_name, master_node, modify_ssh_setup) = \
+    cl.QueryConfigValues(["cluster_name", "master_node", "modify_ssh_setup"])
+
+  # In case Ganeti is not supposed to modify the SSH setup, simply exit and do
+  # not update this file.
+  if not modify_ssh_setup:
+    return
+
   if os.path.exists(pub_key_file):
     utils.CreateBackup(pub_key_file)
     utils.RemoveFile(pub_key_file)
 
   ssh.ClearPubKeyFile(pub_key_file)
 
-  if not cl:
-    cl = GetClient()
-
-  (cluster_name, master_node) = \
-    cl.QueryConfigValues(["cluster_name", "master_node"])
-
   online_nodes = get_online_nodes_fn([], cl=cl)
   ssh_ports = get_nodes_ssh_ports_fn(online_nodes + [master_node], cl)
   ssh_port_map = dict(zip(online_nodes + [master_node], ssh_ports))
index be28eb2..595864a 100755 (executable)
@@ -380,6 +380,7 @@ class TestBuildGanetiPubKeys(testutils.GanetiTestCase):
   _CLUSTER_NAME = "cluster_name"
   _PRIV_KEY = "master_private_key"
   _PUB_KEY = "master_public_key"
+  _MODIFY_SSH_SETUP = True
   _AUTH_KEYS = "a\nb\nc"
 
   def _setUpFakeKeys(self):
@@ -411,7 +412,7 @@ class TestBuildGanetiPubKeys(testutils.GanetiTestCase):
     self.mock_cl = mock.Mock()
     self.mock_cl.QueryConfigValues = mock.Mock()
     self.mock_cl.QueryConfigValues.return_value = \
-      (self._CLUSTER_NAME, self._MASTER_NODE_NAME)
+      (self._CLUSTER_NAME, self._MASTER_NODE_NAME, self._MODIFY_SSH_SETUP)
 
     self._get_online_nodes_mock = mock.Mock()
     self._get_online_nodes_mock.return_value = \