QA » openQA Project » openQA Infrastructure

Observation¶

In https://gitlab.suse.de/openqa/salt-pillars-openqa/-/merge_requests/815 and with the following deployment job, we had to realize that currently we're affected by https://github.com/saltstack/salt/issues/61299 :

ada.qe.prg2.suse.org:
----------
          ID: ph03nix
    Function: ssh_auth.present
        Name: sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDF+5kEasMGxX9q6WERpGPOeQGB0j681GMMkRRWo/fg2AAAABHNzaDo= phoenix@racetrack-7290-nitrokey
      Result: False
     Comment: Invalid public ssh key, most likely has spaces or invalid syntax
     Started: 14:36:03.312924
    Duration: 1.374 ms
     Changes:   
----------
          ID: ph03nix
    Function: ssh_auth.present
        Name: sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDeAIjDQ36FJux7JK3vygkWJ5K5/FHUuvPDxRsOnmEC5AAAABHNzaDo= phoenix@racetrack-7290-yk5
      Result: False
     Comment: Invalid public ssh key, most likely has spaces or invalid syntax
     Started: 14:36:03.315261
    Duration: 1.349 ms
     Changes:   
Summary for ada.qe.prg2.suse.org
--------------
Succeeded: 257
Failed:      2
--------------
Total states run:     259
Total run time:    11.519 s
ada.qe.prg2.suse.org:
    Error: ssh_auth.present

We had to revert this for now: https://gitlab.suse.de/openqa/salt-pillars-openqa/-/merge_requests/816

Acceptance criteria¶

• AC1: No more invalid key errors despite keys called like sk-ssh-ed25519@openssh.com

Suggestions¶

• I think the best we can currently do is either provide an upstream fix or workaround it in our states. For a workaround I would try to simply append each value of pub_ssh_key per user (similar to how we do it with other files).
  • Or provide the workaround and just propese an upstream fix - don't worry about packaging etc here
  • Tell the team what this is and why you might want it