update AZURE_SSH_PUBLIC_KEY variable to be AZURE_SSH_PUBLIC_KEY_B64

Author: cpanato

Tiltfile

@@ -215,7 +215,7 @@ def flavors():
         if key[-4:] == "_B64":
             substitutions[key[:-4]] = base64_decode(substitutions[key])
 
-    ssh_pub_key = "AZURE_SSH_PUBLIC_KEY"
+    ssh_pub_key = "AZURE_SSH_PUBLIC_KEY_B64"
     ssh_pub_key_path = "~/.ssh/id_rsa.pub"
     if not substitutions.get(ssh_pub_key):
         print("{} was not specified in tilt_config.json, attempting to load {}".format(ssh_pub_key, ssh_pub_key_path))

api/v1alpha3/azuremachine_default_test.go

@@ -204,7 +204,7 @@ func TestAzureMachine_SetDataDisksDefaults(t *testing.T) {
 		tc := c
 		t.Run(tc.name, func(t *testing.T) {
 			t.Parallel()
-			machine := hardcodedAzureMachineWithSSHKey(generateSSHPublicKey())
+			machine := hardcodedAzureMachineWithSSHKey(generateSSHPublicKey(true))
 			machine.Spec.DataDisks = tc.disks
 			machine.SetDataDisksDefaults()
 			if !reflect.DeepEqual(machine.Spec.DataDisks, tc.output) {
@@ -223,7 +223,7 @@ func createMachineWithSSHPublicKey(t *testing.T, sshPublicKey string) *AzureMach
 }
 
 func createMachineWithUserAssignedIdentities(t *testing.T, identitiesList []UserAssignedIdentity) *AzureMachine {
-	machine := hardcodedAzureMachineWithSSHKey(generateSSHPublicKey())
+	machine := hardcodedAzureMachineWithSSHKey(generateSSHPublicKey(true))
 	machine.Spec.Identity = VMIdentityUserAssigned
 	machine.Spec.UserAssignedIdentities = identitiesList
 	return machine

api/v1alpha3/azuremachine_validation_test.go

@@ -41,14 +41,19 @@ func TestAzureMachine_ValidateSSHKey(t *testing.T) {
 	}{
 		{
 			name:    "valid ssh key",
-			sshKey:  generateSSHPublicKey(),
+			sshKey:  generateSSHPublicKey(true),
 			wantErr: false,
 		},
 		{
 			name:    "invalid ssh key",
 			sshKey:  "invalid ssh key",
 			wantErr: true,
 		},
+		{
+			name:    "ssh key not base64 encoded",
+			sshKey:  generateSSHPublicKey(false),
+			wantErr: true,
+		},
 	}
 
 	for _, tc := range tests {
@@ -63,10 +68,13 @@ func TestAzureMachine_ValidateSSHKey(t *testing.T) {
 	}
 }
 
-func generateSSHPublicKey() string {
+func generateSSHPublicKey(b64Enconded bool) string {
 	privateKey, _ := rsa.GenerateKey(rand.Reader, 2048)
 	publicRsaKey, _ := ssh.NewPublicKey(&privateKey.PublicKey)
-	return base64.StdEncoding.EncodeToString(ssh.MarshalAuthorizedKey(publicRsaKey))
+	if b64Enconded {
+		return base64.StdEncoding.EncodeToString(ssh.MarshalAuthorizedKey(publicRsaKey))
+	}
+	return string(ssh.MarshalAuthorizedKey(publicRsaKey))
 }
 
 type osDiskTestInput struct {

api/v1alpha3/azuremachine_webhook_test.go

@@ -24,7 +24,7 @@ import (
 )
 
 var (
-	validSSHPublicKey = generateSSHPublicKey()
+	validSSHPublicKey = generateSSHPublicKey(true)
 	validOSDisk       = generateValidOSDisk()
 )
 

docs/book/src/topics/ephemeral-os.md

@@ -56,6 +56,6 @@ spec:
         managedDisk:
           storageAccountType: Standard_LRS
         osType: Linux
-      sshPublicKey: ${AZURE_SSH_PUBLIC_KEY}
+      sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64}
       vmSize: ${AZURE_NODE_MACHINE_TYPE}
 ````

docs/book/src/topics/managedcluster.md

@@ -92,7 +92,7 @@ spec:
     name: agentpool0
   location: southcentralus
   resourceGroup: foo-bar
-  sshPublicKey: ${AZURE_SSH_PUBLIC_KEY}
+  sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64}
   subscriptionID: fae7cc14-bfba-4471-9435-f945b42a16dd # fake uuid
   version: v1.17.4
   networkPolicy: azure # or calico

docs/development.md

@@ -275,12 +275,12 @@ export WORKER_MACHINE_COUNT=2
 export KUBERNETES_VERSION="v1.18.8"
 
 # Generate SSH key.
-# If you want to provide your own key, skip this step and set AZURE_SSH_PUBLIC_KEY to your existing file.
+# If you want to provide your own key, skip this step and set AZURE_SSH_PUBLIC_KEY_B64 to your existing file.
 SSH_KEY_FILE=.sshkey
 rm -f "${SSH_KEY_FILE}" 2>/dev/null
 ssh-keygen -t rsa -b 2048 -f "${SSH_KEY_FILE}" -N '' 1>/dev/null
 echo "Machine SSH key generated in ${SSH_KEY_FILE}"
-export AZURE_SSH_PUBLIC_KEY=$(cat "${SSH_KEY_FILE}.pub" | base64 | tr -d '\r\n')
+export AZURE_SSH_PUBLIC_KEY_B64=$(cat "${SSH_KEY_FILE}.pub" | base64 | tr -d '\r\n')
 ```
 
 ⚠️ Please note the generated templates include default values and therefore require the use of `clusterctl` to create the cluster

docs/troubleshooting.md

@@ -23,7 +23,7 @@ E0320 23:33:33.288073       1 controller.go:258] controller-runtime/controller "
 ### Remoting to workload clusters
 After the workload cluster is finished deploying you will have a kubeconfig in `./kubeconfig`.
 
-Using the ssh information provided during cluster creation (environment variable `AZURE_SSH_PUBLIC_KEY`), you can debug most issues by SSHing into the VMs that have been created:
+Using the ssh information provided during cluster creation (environment variable `AZURE_SSH_PUBLIC_KEY_B64`), you can debug most issues by SSHing into the VMs that have been created:
 
 ```
 # connect to first control node - capi is default linux user created by deployment
@@ -40,8 +40,8 @@ capz-cluster-md-0-s52wb            true    Succeeded
 capz-cluster-md-0-w8xxw            true    Succeeded
 
 # pick node name from output above:
-node=$(kubectl get azuremachine capz-cluster-md-0-s52wb -o jsonpath='{.status.addresses[0].address}') 
-ssh -J capi@${apiserver} capi@${node} 
+node=$(kubectl get azuremachine capz-cluster-md-0-s52wb -o jsonpath='{.status.addresses[0].address}')
+ssh -J capi@${apiserver} capi@${node}
 ```
 
 > There are some [provided scripts](/hack/debugging/Readme.md) that can help automate a few common tasks.

hack/create-dev-cluster.sh

@@ -56,7 +56,7 @@ if ! [ -n "$SSH_KEY_FILE" ]; then
     ssh-keygen -t rsa -b 2048 -f "${SSH_KEY_FILE}" -N '' 1>/dev/null
     echo "Machine SSH key generated in ${SSH_KEY_FILE}"
 fi
-export AZURE_SSH_PUBLIC_KEY=$(cat "${SSH_KEY_FILE}.pub" | base64 | tr -d '\r\n')
+export AZURE_SSH_PUBLIC_KEY_B64=$(cat "${SSH_KEY_FILE}.pub" | base64 | tr -d '\r\n')
 
 echo "================ DOCKER BUILD ==============="
 PULL_POLICY=IfNotPresent make modules docker-build

scripts/ci-e2e.sh

@@ -85,7 +85,7 @@ if [ -z "${AZURE_SSH_PUBLIC_KEY_FILE}" ]; then
     ssh-keygen -t rsa -b 2048 -f "${SSH_KEY_FILE}" -N '' 1>/dev/null
     AZURE_SSH_PUBLIC_KEY_FILE="${SSH_KEY_FILE}.pub"
 fi
-export AZURE_SSH_PUBLIC_KEY=$(cat "${AZURE_SSH_PUBLIC_KEY_FILE}" | base64 | tr -d '\r\n')
+export AZURE_SSH_PUBLIC_KEY_B64=$(cat "${AZURE_SSH_PUBLIC_KEY_FILE}" | base64 | tr -d '\r\n')
 
 # timestamp is in RFC-3339 format to match kubetest
 export TIMESTAMP="$(date -u '+%Y-%m-%dT%H:%M:%SZ')"