Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix signing commits with GPG key #572

Merged
merged 2 commits into from
Nov 10, 2023
Merged

Fix signing commits with GPG key #572

merged 2 commits into from
Nov 10, 2023

Conversation

knutgoetz
Copy link
Contributor

Before this is merged the provider code expects the content of the exported GPG keyring to be set as the value of the gpg_key_ring attribute. I could not make this work and i doubt that it is possible since the keyring content is expected in a binary format (and not as an armored string) and thus cannot be passed as a terraform TypeString.
Also this behaviour of the provider does not align with the behaviour of flux bootstrap which also expects a path.

This PR will align the behaviour of the flux_bootstrap_git resource with the behaviour of flux bootstrap.

Addresses #571

@knutgoetz knutgoetz force-pushed the fix/expect-gpg-key-ring-as-path branch from bf41052 to 59f84ec Compare November 2, 2023 22:12
@knutgoetz knutgoetz force-pushed the fix/expect-gpg-key-ring-as-path branch from 59f84ec to 9cac86c Compare November 2, 2023 22:14
darkowlzz
darkowlzz reviewed Nov 8, 2023
View reviewed changes
Copy link
Contributor

@darkowlzz darkowlzz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for fixing this. I tested it manually and it does fix the issue.
Let's also update the schema docs to make it clear that it's a path in

terraform-provider-flux/internal/provider/provider.go

Line 232 in 4e56fa2

Description: "GPG key ring for signing commits.",
.

@knutgoetz knutgoetz force-pushed the fix/expect-gpg-key-ring-as-path branch from 9cac86c to 1316b50 Compare November 10, 2023 12:04
@knutgoetz
Expect gpg_key_ring to be a path to a keyring
18b6ef7 
This aligns the behavior of the provider with the `gpg_key_id` parameter
of the FluxCD CLI. Not sure if the GPG was even possible since the code
expected the contents of the keyring to be passed as a string.

Signed-off-by: Knut Götz <[email protected]>
@knutgoetz knutgoetz force-pushed the fix/expect-gpg-key-ring-as-path branch from 1316b50 to 18b6ef7 Compare November 10, 2023 12:16
@knutgoetz
Copy link
Contributor Author

@darkowlzz thx for the review. I adjusted the docs.

darkowlzz
darkowlzz approved these changes Nov 10, 2023
View reviewed changes
Copy link
Contributor

@darkowlzz darkowlzz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@darkowlzz darkowlzz merged commit ed1a274 into fluxcd:main Nov 10, 2023
This was referenced Nov 13, 2023
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@darkowlzz darkowlzz darkowlzz approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@knutgoetz @darkowlzz