Created
September 29, 2020 07:24
-
-
Save boltronics/2ec1c2f05dc044a0cdbb75bed7bb46aa to your computer and use it in GitHub Desktop.
Convert GPG public key to base64 on Salt Master
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ # Problem: | |
| $ # * Official Debian GNU/Linux AMIs don't have gpg pre-installed. | |
| $ # * We want to bootstrap a host using a salt-cloud deploy script. | |
| $ # * This will add the key to the new host to add the Salt repository. | |
| $ # * We cannot use apt-key so must add the gpg binary into trusted.conf.d | |
| $ # directly. | |
| $ # * We can base64 encode (base64 command is part of coreutils) | |
| $ # but ideally won't store the key base64-encoded in pillar. | |
| $ # Solution: | |
| $ # A) Run `apt-get update`, install GnuPG, add the Salt repo key, | |
| $ # (and repo), run `apt-get update` again... yuck! | |
| $ # B) "dearmor" the key on the salt master during the pillar rendering. | |
| $ # so /etc/salt/cloud.deploy.d has base64 encoded verion, but the | |
| $ # original public key is visible in pre-rendered pillar data. | |
| $ # No need to re-run `apt-get update` so startup is faster. | |
| $ # Let's go with B. | |
| $ # | |
| $ # The syntax is a bit tricky, so let's simluate what cmd.shell will do: | |
| $ python3 | |
| >>> salt = {'saltutil.runner': lambda *x, **y: y['arg']} | |
| >>> x = salt['saltutil.runner']('cmd.shell', | |
| ... arg="""[\"""echo '-----BEGIN PGP PUBLIC KEY BLOCK----- | |
| ... Version: GnuPG v2 | |
| ... | |
| ... mQENBFOpvpgBCADkP656H41i8fpplEEB8IeLhugyC2rTEwwSclb8tQNYtUiGdna9 | |
| ... m38kb0OS2DDrEdtdQb2hWCnswxaAkUunb2qq18vd3dBvlnI+C4/xu5ksZZkRj+fW | |
| ... tArNR18V+2jkwcG26m8AxIrT+m4M6/bgnSfHTBtT5adNfVcTHqiT1JtCbQcXmwVw | |
| ... WbqS6v/LhcsBE//SHne4uBCK/GHxZHhQ5jz5h+3vWeV4gvxS3Xu6v1IlIpLDwUts | |
| ... kT1DumfynYnnZmWTGc6SYyIFXTPJLtnoWDb9OBdWgZxXfHEcBsKGha+bXO+m2tHA | |
| ... gNneN9i5f8oNxo5njrL8jkCckOpNpng18BKXABEBAAG0MlNhbHRTdGFjayBQYWNr | |
| ... YWdpbmcgVGVhbSA8cGFja2FnaW5nQHNhbHRzdGFjay5jb20+iQE4BBMBAgAiBQJT | |
| ... qb6YAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAOCKFJ3le/vhkqB/0Q | |
| ... WzELZf4d87WApzolLG+zpsJKtt/ueXL1W1KA7JILhXB1uyvVORt8uA9FjmE083o1 | |
| ... yE66wCya7V8hjNn2lkLXboOUd1UTErlRg1GYbIt++VPscTxHxwpjDGxDB1/fiX2o | |
| ... nK5SEpuj4IeIPJVE/uLNAwZyfX8DArLVJ5h8lknwiHlQLGlnOu9ulEAejwAKt9CU | |
| ... 4oYTszYM4xrbtjB/fR+mPnYh2fBoQO4d/NQiejIEyd9IEEMd/03AJQBuMux62tjA | |
| ... /NwvQ9eqNgLw9NisFNHRWtP4jhAOsshv1WW+zPzu3ozoO+lLHixUIz7fqRk38q8Q | |
| ... 9oNR31KvrkSNrFbA3D89uQENBFOpvpgBCADJ79iH10AfAfpTBEQwa6vzUI3Eltqb | |
| ... 9aZ0xbZV8V/8pnuU7rqM7Z+nJgldibFk4gFG2bHCG1C5aEH/FmcOMvTKDhJSFQUx | |
| ... uhgxttMArXm2c22OSy1hpsnVG68G32Nag/QFEJ++3hNnbyGZpHnPiYgej3FrerQJ | |
| ... zv456wIsxRDMvJ1NZQB3twoCqwapC6FJE2hukSdWB5yCYpWlZJXBKzlYz/gwD/Fr | |
| ... GL578WrLhKw3UvnJmlpqQaDKwmV2s7MsoZogC6wkHE92kGPG2GmoRD3ALjmCvN1E | |
| ... PsIsQGnwpcXsRpYVCoW7e2nW4wUf7IkFZ94yOCmUq6WreWI4NggRcFC5ABEBAAGJ | |
| ... AR8EGAECAAkFAlOpvpgCGwwACgkQDgihSd5Xv74/NggA08kEdBkiWWwJZUZEy7cK | |
| ... WWcgjnRuOHd4rPeT+vQbOWGu6x4bxuVf9aTiYkf7ZjVF2lPn97EXOEGFWPZeZbH4 | |
| ... vdRFH9jMtP+rrLt6+3c9j0M8SIJYwBL1+CNpEC/BuHj/Ra/cmnG5ZNhYebm76h5f | |
| ... T9iPW9fFww36FzFka4VPlvA4oB7ebBtquFg3sdQNU/MmTVV4jPFWXxh4oRDDR+8N | |
| ... 1bcPnbB11b5ary99F/mqr7RgQ+YFF0uKRE3SKa7a+6cIuHEZ7Za+zhPaQlzAOZlx | |
| ... fuBmScum8uQTrEF5+Um5zkwC7EXTdH1co/+/V/fpOtxIg4XO4kcugZefVm5ERfVS | |
| ... MA== | |
| ... =dtMN | |
| ... -----END PGP PUBLIC KEY BLOCK-----' | | |
| ... gpg --dearmor | | |
| ... base64 -\"""]""") | |
| >>> print(eval(x)[0]) | |
| echo '-----BEGIN PGP PUBLIC KEY BLOCK----- | |
| Version: GnuPG v2 | |
| mQENBFOpvpgBCADkP656H41i8fpplEEB8IeLhugyC2rTEwwSclb8tQNYtUiGdna9 | |
| m38kb0OS2DDrEdtdQb2hWCnswxaAkUunb2qq18vd3dBvlnI+C4/xu5ksZZkRj+fW | |
| tArNR18V+2jkwcG26m8AxIrT+m4M6/bgnSfHTBtT5adNfVcTHqiT1JtCbQcXmwVw | |
| WbqS6v/LhcsBE//SHne4uBCK/GHxZHhQ5jz5h+3vWeV4gvxS3Xu6v1IlIpLDwUts | |
| kT1DumfynYnnZmWTGc6SYyIFXTPJLtnoWDb9OBdWgZxXfHEcBsKGha+bXO+m2tHA | |
| gNneN9i5f8oNxo5njrL8jkCckOpNpng18BKXABEBAAG0MlNhbHRTdGFjayBQYWNr | |
| YWdpbmcgVGVhbSA8cGFja2FnaW5nQHNhbHRzdGFjay5jb20+iQE4BBMBAgAiBQJT | |
| qb6YAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAOCKFJ3le/vhkqB/0Q | |
| WzELZf4d87WApzolLG+zpsJKtt/ueXL1W1KA7JILhXB1uyvVORt8uA9FjmE083o1 | |
| yE66wCya7V8hjNn2lkLXboOUd1UTErlRg1GYbIt++VPscTxHxwpjDGxDB1/fiX2o | |
| nK5SEpuj4IeIPJVE/uLNAwZyfX8DArLVJ5h8lknwiHlQLGlnOu9ulEAejwAKt9CU | |
| 4oYTszYM4xrbtjB/fR+mPnYh2fBoQO4d/NQiejIEyd9IEEMd/03AJQBuMux62tjA | |
| /NwvQ9eqNgLw9NisFNHRWtP4jhAOsshv1WW+zPzu3ozoO+lLHixUIz7fqRk38q8Q | |
| 9oNR31KvrkSNrFbA3D89uQENBFOpvpgBCADJ79iH10AfAfpTBEQwa6vzUI3Eltqb | |
| 9aZ0xbZV8V/8pnuU7rqM7Z+nJgldibFk4gFG2bHCG1C5aEH/FmcOMvTKDhJSFQUx | |
| uhgxttMArXm2c22OSy1hpsnVG68G32Nag/QFEJ++3hNnbyGZpHnPiYgej3FrerQJ | |
| zv456wIsxRDMvJ1NZQB3twoCqwapC6FJE2hukSdWB5yCYpWlZJXBKzlYz/gwD/Fr | |
| GL578WrLhKw3UvnJmlpqQaDKwmV2s7MsoZogC6wkHE92kGPG2GmoRD3ALjmCvN1E | |
| PsIsQGnwpcXsRpYVCoW7e2nW4wUf7IkFZ94yOCmUq6WreWI4NggRcFC5ABEBAAGJ | |
| AR8EGAECAAkFAlOpvpgCGwwACgkQDgihSd5Xv74/NggA08kEdBkiWWwJZUZEy7cK | |
| WWcgjnRuOHd4rPeT+vQbOWGu6x4bxuVf9aTiYkf7ZjVF2lPn97EXOEGFWPZeZbH4 | |
| vdRFH9jMtP+rrLt6+3c9j0M8SIJYwBL1+CNpEC/BuHj/Ra/cmnG5ZNhYebm76h5f | |
| T9iPW9fFww36FzFka4VPlvA4oB7ebBtquFg3sdQNU/MmTVV4jPFWXxh4oRDDR+8N | |
| 1bcPnbB11b5ary99F/mqr7RgQ+YFF0uKRE3SKa7a+6cIuHEZ7Za+zhPaQlzAOZlx | |
| fuBmScum8uQTrEF5+Um5zkwC7EXTdH1co/+/V/fpOtxIg4XO4kcugZefVm5ERfVS | |
| MA== | |
| =dtMN | |
| -----END PGP PUBLIC KEY BLOCK-----' | | |
| gpg --dearmor | | |
| base64 - | |
| >>> ^D | |
| $ # Copied and pasted from the above: | |
| $ echo '-----BEGIN PGP PUBLIC KEY BLOCK----- | |
| > Version: GnuPG v2 | |
| > | |
| > mQENBFOpvpgBCADkP656H41i8fpplEEB8IeLhugyC2rTEwwSclb8tQNYtUiGdna9 | |
| > m38kb0OS2DDrEdtdQb2hWCnswxaAkUunb2qq18vd3dBvlnI+C4/xu5ksZZkRj+fW | |
| > tArNR18V+2jkwcG26m8AxIrT+m4M6/bgnSfHTBtT5adNfVcTHqiT1JtCbQcXmwVw | |
| > WbqS6v/LhcsBE//SHne4uBCK/GHxZHhQ5jz5h+3vWeV4gvxS3Xu6v1IlIpLDwUts | |
| > kT1DumfynYnnZmWTGc6SYyIFXTPJLtnoWDb9OBdWgZxXfHEcBsKGha+bXO+m2tHA | |
| > gNneN9i5f8oNxo5njrL8jkCckOpNpng18BKXABEBAAG0MlNhbHRTdGFjayBQYWNr | |
| > YWdpbmcgVGVhbSA8cGFja2FnaW5nQHNhbHRzdGFjay5jb20+iQE4BBMBAgAiBQJT | |
| > qb6YAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAOCKFJ3le/vhkqB/0Q | |
| > WzELZf4d87WApzolLG+zpsJKtt/ueXL1W1KA7JILhXB1uyvVORt8uA9FjmE083o1 | |
| > yE66wCya7V8hjNn2lkLXboOUd1UTErlRg1GYbIt++VPscTxHxwpjDGxDB1/fiX2o | |
| > nK5SEpuj4IeIPJVE/uLNAwZyfX8DArLVJ5h8lknwiHlQLGlnOu9ulEAejwAKt9CU | |
| > 4oYTszYM4xrbtjB/fR+mPnYh2fBoQO4d/NQiejIEyd9IEEMd/03AJQBuMux62tjA | |
| > /NwvQ9eqNgLw9NisFNHRWtP4jhAOsshv1WW+zPzu3ozoO+lLHixUIz7fqRk38q8Q | |
| > 9oNR31KvrkSNrFbA3D89uQENBFOpvpgBCADJ79iH10AfAfpTBEQwa6vzUI3Eltqb | |
| > 9aZ0xbZV8V/8pnuU7rqM7Z+nJgldibFk4gFG2bHCG1C5aEH/FmcOMvTKDhJSFQUx | |
| > uhgxttMArXm2c22OSy1hpsnVG68G32Nag/QFEJ++3hNnbyGZpHnPiYgej3FrerQJ | |
| > zv456wIsxRDMvJ1NZQB3twoCqwapC6FJE2hukSdWB5yCYpWlZJXBKzlYz/gwD/Fr | |
| > GL578WrLhKw3UvnJmlpqQaDKwmV2s7MsoZogC6wkHE92kGPG2GmoRD3ALjmCvN1E | |
| > PsIsQGnwpcXsRpYVCoW7e2nW4wUf7IkFZ94yOCmUq6WreWI4NggRcFC5ABEBAAGJ | |
| > AR8EGAECAAkFAlOpvpgCGwwACgkQDgihSd5Xv74/NggA08kEdBkiWWwJZUZEy7cK | |
| > WWcgjnRuOHd4rPeT+vQbOWGu6x4bxuVf9aTiYkf7ZjVF2lPn97EXOEGFWPZeZbH4 | |
| > vdRFH9jMtP+rrLt6+3c9j0M8SIJYwBL1+CNpEC/BuHj/Ra/cmnG5ZNhYebm76h5f | |
| > T9iPW9fFww36FzFka4VPlvA4oB7ebBtquFg3sdQNU/MmTVV4jPFWXxh4oRDDR+8N | |
| > 1bcPnbB11b5ary99F/mqr7RgQ+YFF0uKRE3SKa7a+6cIuHEZ7Za+zhPaQlzAOZlx | |
| > fuBmScum8uQTrEF5+Um5zkwC7EXTdH1co/+/V/fpOtxIg4XO4kcugZefVm5ERfVS | |
| > MA== | |
| > =dtMN | |
| > -----END PGP PUBLIC KEY BLOCK-----' | | |
| > gpg --dearmor | | |
| > base64 - | |
| mQENBFOpvpgBCADkP656H41i8fpplEEB8IeLhugyC2rTEwwSclb8tQNYtUiGdna9m38kb0OS2DDr | |
| EdtdQb2hWCnswxaAkUunb2qq18vd3dBvlnI+C4/xu5ksZZkRj+fWtArNR18V+2jkwcG26m8AxIrT | |
| +m4M6/bgnSfHTBtT5adNfVcTHqiT1JtCbQcXmwVwWbqS6v/LhcsBE//SHne4uBCK/GHxZHhQ5jz5 | |
| h+3vWeV4gvxS3Xu6v1IlIpLDwUtskT1DumfynYnnZmWTGc6SYyIFXTPJLtnoWDb9OBdWgZxXfHEc | |
| BsKGha+bXO+m2tHAgNneN9i5f8oNxo5njrL8jkCckOpNpng18BKXABEBAAG0MlNhbHRTdGFjayBQ | |
| YWNrYWdpbmcgVGVhbSA8cGFja2FnaW5nQHNhbHRzdGFjay5jb20+iQE4BBMBAgAiBQJTqb6YAhsD | |
| BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAOCKFJ3le/vhkqB/0QWzELZf4d87WApzolLG+z | |
| psJKtt/ueXL1W1KA7JILhXB1uyvVORt8uA9FjmE083o1yE66wCya7V8hjNn2lkLXboOUd1UTErlR | |
| g1GYbIt++VPscTxHxwpjDGxDB1/fiX2onK5SEpuj4IeIPJVE/uLNAwZyfX8DArLVJ5h8lknwiHlQ | |
| LGlnOu9ulEAejwAKt9CU4oYTszYM4xrbtjB/fR+mPnYh2fBoQO4d/NQiejIEyd9IEEMd/03AJQBu | |
| Mux62tjA/NwvQ9eqNgLw9NisFNHRWtP4jhAOsshv1WW+zPzu3ozoO+lLHixUIz7fqRk38q8Q9oNR | |
| 31KvrkSNrFbA3D89uQENBFOpvpgBCADJ79iH10AfAfpTBEQwa6vzUI3Eltqb9aZ0xbZV8V/8pnuU | |
| 7rqM7Z+nJgldibFk4gFG2bHCG1C5aEH/FmcOMvTKDhJSFQUxuhgxttMArXm2c22OSy1hpsnVG68G | |
| 32Nag/QFEJ++3hNnbyGZpHnPiYgej3FrerQJzv456wIsxRDMvJ1NZQB3twoCqwapC6FJE2hukSdW | |
| B5yCYpWlZJXBKzlYz/gwD/FrGL578WrLhKw3UvnJmlpqQaDKwmV2s7MsoZogC6wkHE92kGPG2Gmo | |
| RD3ALjmCvN1EPsIsQGnwpcXsRpYVCoW7e2nW4wUf7IkFZ94yOCmUq6WreWI4NggRcFC5ABEBAAGJ | |
| AR8EGAECAAkFAlOpvpgCGwwACgkQDgihSd5Xv74/NggA08kEdBkiWWwJZUZEy7cKWWcgjnRuOHd4 | |
| rPeT+vQbOWGu6x4bxuVf9aTiYkf7ZjVF2lPn97EXOEGFWPZeZbH4vdRFH9jMtP+rrLt6+3c9j0M8 | |
| SIJYwBL1+CNpEC/BuHj/Ra/cmnG5ZNhYebm76h5fT9iPW9fFww36FzFka4VPlvA4oB7ebBtquFg3 | |
| sdQNU/MmTVV4jPFWXxh4oRDDR+8N1bcPnbB11b5ary99F/mqr7RgQ+YFF0uKRE3SKa7a+6cIuHEZ | |
| 7Za+zhPaQlzAOZlxfuBmScum8uQTrEF5+Um5zkwC7EXTdH1co/+/V/fpOtxIg4XO4kcugZefVm5E | |
| RfVSMA== | |
| $ | |
| $ # Confirmed to work in staging. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment