bring back filtering function for older srl releases

steiler · Nov 10, 2023 · 603c32d · 603c32d
1 parent fc92c61
commit 603c32d
Show file tree

Hide file tree

Showing 3 changed files with 66 additions and 0 deletions.
diff --git a/nodes/srl/srl.go b/nodes/srl/srl.go
@@ -602,6 +602,11 @@ func (n *srl) addDefaultConfig(ctx context.Context) error {
 	// so we add the keys to the template data for rendering.
 	if len(n.sshPubKeys) > 0 && (semver.Compare(n.swVersion.String(), "v23.10") >= 0 || n.swVersion.major == "0") {
 		tplData.SSHPubKeys = catenateKeys(n.sshPubKeys)
+	} else {
+		// prior to 23.10.1 only rsa keys are supported
+		// this function filters out non-rsa keys from the
+		// list of ssh public keys found on the system/agent
+		n.filterSSHPubKeys()
 	}
 
 	// set MgmtMTU to the MTU value of the runtime management network

diff --git a/nodes/srl/sshkey.go b/nodes/srl/sshkey.go
@@ -30,3 +30,20 @@ func catenateKeys(in []ssh.PublicKey) string {
 	// return the string builders content as string
 	return keys.String()
 }
+
+// filterSSHPubKeys removes non-rsa keys from n.sshPubKeys until srl adds support for them.
+func (n *srl) filterSSHPubKeys() {
+	if len(n.sshPubKeys) == 0 {
+		return
+	}
+
+	var filteredKeys []ssh.PublicKey
+
+	for _, k := range n.sshPubKeys {
+		if k.Type() == ssh.KeyAlgoRSA {
+			filteredKeys = append(filteredKeys, k)
+		}
+	}
+
+	n.sshPubKeys = filteredKeys
+}
diff --git a/nodes/srl/sshkey_test.go b/nodes/srl/sshkey_test.go
@@ -43,3 +43,47 @@ func Test_srl_catenateKeys(t *testing.T) {
 		})
 	}
 }
+
+func Test_srl_filterSSHPubKeys(t *testing.T) {
+	type fields struct {
+		keyFiles []string
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		want   string
+	}{
+		{
+			name: "test1",
+			fields: fields{
+				keyFiles: []string{"test_data/keys"},
+			},
+			want: "\"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCs4Qv1yrBk6ygt+o7J4sUcYv+WfDjdAyABDoinOt3PgSmCcVqqAP2qS8UtTnMNuy93Orp6+/R/7/R3O5xdY6I4YViK3WVlKTAUVm7vdeTKp9uq1tNeWgo7+J3baSbQ3INp85ScTfFvRzRCFkr/W97Wh6pTa7ysgkcPvc2/tXG2z36Mx7/TFBk3Q1LY3ByKLtGrC5JnVpMTrqrsCwcLEVHHEZ4z5R4FZED/lpz+wTNFnR/l9HA6yDkKYensHynx+guqYpYD6y4yEGY/LcUnwBg0zIlUhmOsvdmxWBz12Lp7EBiNjSwhnPfe+o3efLGGnjWUAa4TgO8Sa8PQP0pK/ZNd\" \"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILKdXYzPIq8kHRJtDrh21wMVI76AnuPk7HDLeDteKN74\"",
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			allKeys, err := utils.LoadSSHPubKeysFromFiles(tt.fields.keyFiles)
+			if err != nil {
+				t.Errorf("failed to load keys: %v", err)
+			}
+
+			rsaKeys, err := utils.LoadSSHPubKeysFromFiles([]string{"test_data/rsa_key"})
+			if err != nil {
+				t.Errorf("failed to load keys: %v", err)
+			}
+
+			n := &srl{
+				sshPubKeys: allKeys,
+			}
+
+			n.filterSSHPubKeys()
+
+			got := catenateKeys(n.sshPubKeys)
+			want := catenateKeys(rsaKeys)
+			if d := cmp.Diff(got, want); d != "" {
+				t.Errorf("srl.filterSSHPubKeys() = %s", d)
+			}
+		})
+	}
+}