luks_device: add support for keyslots #664

zemdreg · 2023-10-15T16:02:50Z

SUMMARY

Added support for setting specific key slots when using the luks_device module. Introduces the following new parameters:

keyslot for setting the keyslot during container creation
new_keyslot for adding new keyslots
remove_keyslot for removing a keyslot

ISSUE TYPE

Feature Pull Request

COMPONENT NAME

luks_device

ADDITIONAL INFORMATION

github-actions · 2023-10-15T16:05:16Z

Docs Build 📝

Thank you for contribution!✨

This PR has been merged and the docs are now incorporated into main:
https://ansible-collections.github.io/community.crypto/branch/main

…gs, remove print statements

… test files

felixfontein

Thanks for your contribution! I've added some first comments.

plugins/modules/luks_device.py

…mprovements

…systems that do not support luks2

plugins/modules/luks_device.py

felixfontein · 2023-10-22T16:00:43Z

plugins/modules/luks_device.py

+    def is_luks_slot_set(self, device, keyslot):
+        ''' check if a keyslot is set
+        '''
+        result = self._run_command([self._cryptsetup_bin, 'luksDump', device])


I really wish --dump-json-metadata would also be available for LUKS1. That way extracting this information would be a lot easier...

plugins/modules/luks_device.py

… check all possible locations for LUKS2 header

felixfontein · 2023-10-29T09:53:09Z

@sgufler thanks a lot for your contribution!

luks_device: add support for keyslots

1ec0cd8

zemdreg added 2 commits October 15, 2023 20:49

luks_device: replace python3 format strings with python2 format strin…

3090d69

…gs, remove print statements

luks_device: add missing copyright information in keyslot integration…

d8944fa

… test files

felixfontein reviewed Oct 15, 2023

View reviewed changes

zemdreg added 4 commits October 15, 2023 21:53

luks_device: updated failing unit tests for keyslot support

7c20340

luks_device: improve detection of luks version

68f09f7

luks_device: Update documentation on keyslot parameters, minor code i…

8230609

…mprovements

luks_device: improve validation of keyslot parameters, fix tests for …

ee501ec

…systems that do not support luks2

zemdreg changed the title ~~[WIP] luks_device: add support for keyslots~~ luks_device: add support for keyslots Oct 22, 2023

zemdreg requested a review from felixfontein October 22, 2023 13:20

felixfontein reviewed Oct 22, 2023

View reviewed changes

luks_device: correct spelling and errors in documentation and output,…

8e5aae9

… check all possible locations for LUKS2 header

zemdreg requested a review from felixfontein October 22, 2023 18:04

felixfontein approved these changes Oct 29, 2023

View reviewed changes

felixfontein merged commit 6504e67 into ansible-collections:main Oct 29, 2023
126 checks passed

felixfontein added a commit that referenced this pull request Oct 29, 2023

Add changelog fragment for #664.

fc707c7

zemdreg deleted the luks_device_keyslots branch February 11, 2024 11:28

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

luks_device: add support for keyslots #664

luks_device: add support for keyslots #664

zemdreg commented Oct 15, 2023

github-actions bot commented Oct 15, 2023 •

edited

Loading

felixfontein left a comment

felixfontein Oct 22, 2023

felixfontein commented Oct 29, 2023

luks_device: add support for keyslots #664

luks_device: add support for keyslots #664

Conversation

zemdreg commented Oct 15, 2023

SUMMARY

ISSUE TYPE

COMPONENT NAME

ADDITIONAL INFORMATION

github-actions bot commented Oct 15, 2023 • edited Loading

Docs Build 📝

felixfontein left a comment

Choose a reason for hiding this comment

felixfontein Oct 22, 2023

Choose a reason for hiding this comment

felixfontein commented Oct 29, 2023

github-actions bot commented Oct 15, 2023 •

edited

Loading