Created
February 25, 2022 02:58
-
-
Save Laura7089/feeabcb46888a80ef3ba09bcc277f811 to your computer and use it in GitHub Desktop.
`packer-plugin-ansible` patched to generate newer keys, https://github.com/hashicorp/packer-plugin-ansible/issues/69
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Maintainer: Laura Demkowicz-Duffy <[email protected]> | |
| _pkgname=packer-plugin-ansible | |
| pkgname=${_pkgname}-patch | |
| pkgver=1.0.1 | |
| pkgrel=1 | |
| pkgdesc="Packer ansible plugin with patch applied" | |
| arch=('x86_64') | |
| url="https://github.com/hashicorp/packer-plugin-ansible/issues/69" | |
| license=('MPL2') | |
| depends=(ansible packer) | |
| makedepends=(go) | |
| source=("git+https://github.com/hashicorp/${_pkgname}.git#tag=v${pkgver}" | |
| "rsa_gone.patch") | |
| noextract=() | |
| md5sums=('SKIP' | |
| '563c1207ec4a7a893b567cf2ededa41a') | |
| validpgpkeys=() | |
| prepare() { | |
| cd "$_pkgname" | |
| patch -p1 -i "$srcdir/rsa_gone.patch" | |
| } | |
| build() { | |
| cd "$_pkgname" | |
| GOPATH=$(mktemp -d) go build | |
| } | |
| package() { | |
| cd "$_pkgname" | |
| install -Dm 0755 packer-plugin-ansible $pkgdir/usr/bin/packer-plugin-ansible | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --unified --recursive --text packer-plugin-ansible.orig/provisioner/ansible/provisioner.go packer-plugin-ansible.new/provisioner/ansible/provisioner.go | |
| --- packer-plugin-ansible.orig/provisioner/ansible/provisioner.go 2022-02-25 02:40:53.469060985 +0000 | |
| +++ packer-plugin-ansible.new/provisioner/ansible/provisioner.go 2022-02-25 02:46:01.313196247 +0000 | |
| @@ -7,8 +7,9 @@ | |
| "bufio" | |
| "bytes" | |
| "context" | |
| + "crypto/ecdsa" | |
| + "crypto/elliptic" | |
| "crypto/rand" | |
| - "crypto/rsa" | |
| "crypto/x509" | |
| "encoding/pem" | |
| "errors" | |
| @@ -943,7 +944,7 @@ | |
| return userKey, nil | |
| } | |
| - key, err := rsa.GenerateKey(rand.Reader, 2048) | |
| + key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) | |
| if err != nil { | |
| return nil, errors.New("Failed to generate key pair") | |
| } | |
| @@ -954,9 +955,12 @@ | |
| // To support Ansible calling back to us we need to write | |
| // this file down | |
| - privateKeyDer := x509.MarshalPKCS1PrivateKey(key) | |
| + privateKeyDer, err := x509.MarshalPKCS8PrivateKey(key) | |
| + if err != nil { | |
| + return nil, errors.New("Failed to marshal private key") | |
| + } | |
| privateKeyBlock := pem.Block{ | |
| - Type: "RSA PRIVATE KEY", | |
| + Type: "PRIVATE KEY", | |
| Headers: nil, | |
| Bytes: privateKeyDer, | |
| } | |
| @@ -999,7 +1003,7 @@ | |
| return signer, nil | |
| } | |
| - key, err := rsa.GenerateKey(rand.Reader, 2048) | |
| + key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) | |
| if err != nil { | |
| return nil, errors.New("Failed to generate server key pair") | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment