From 913c0ec1b89b640839d297e8655f506bd1ea20d9 Mon Sep 17 00:00:00 2001 From: Nicolas Ochem Date: Mon, 23 Oct 2023 13:04:54 -0700 Subject: [PATCH] ensure private key is present when authorized key is set --- utils/config-generator.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/utils/config-generator.py b/utils/config-generator.py index 4b9d3ab81..eecaedf2b 100755 --- a/utils/config-generator.py +++ b/utils/config-generator.py @@ -232,9 +232,6 @@ def fill_in_missing_accounts(): baker_values["bake_using_account"] = None baker_values["bake_using_accounts"] = accts - # add authorized_keys if any, so signing requests can be auth'd - accts = [ *accts, *baker_values.get["authorized_keys"] ] - for acct in accts: if acct not in ACCOUNTS: print(f"Creating account: {acct}") @@ -343,6 +340,8 @@ def expose_secret_key(account_name): if MY_POD_TYPE == "node": if MY_POD_CONFIG.get("bake_using_account", "") == account_name: return True + if account_name in MY_POD_CONFIG.get("authorized_keys", {}): + return True return account_name in MY_POD_CONFIG.get("bake_using_accounts", {}) return False