dev authorized keys are additive #115
Comments
No obvious solution to this problem. There isn't a Salt state to assert the entire contents of the authorized keys. Only that single keys are present or absent. http://docs.saltstack.com/en/latest/ref/states/all/salt.states.ssh_auth.html#module-salt.states.ssh_auth Similar problems for other removed states/pillars. Just because you remove the
Fair enough. That one off would look something like (or just ssh to the machine and ✂️ it). fab [env] salt:'ssh.rm_auth_key [user] [key]'
Let's not close this. It is a problem. As you said it just needs some docs or a fab shortcut to help with it.
Maybe when we want to remove a user from the system, instead of removing the user from our list, we could add a "state: removed" or something like that, then look for it when processing the user entries?
Margarita portion tracked in caktus/margarita#66. We would then need some docs/examples over here on how to use it.
If I change a developer's public key, it adds it to their authorized keys. I would expect a 1:1 mapping of keys in the conf to those on the server.
As it stands, if I change a key due to it being compromised, a deploy would leave the compromised keys on the server.
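
A check for the situation described in this issue, as an added example that is not code from this project or from Salt: it compares the keys listed in configuration with the contents of a server's authorized_keys file and reports entries that a deploy left behind. The function names (`key_id`, `audit`) and the sample keys are constructed for illustration.

```python
# Key-type names that can start the key field of an authorized_keys entry.
KEY_TYPES = ("ssh-rsa", "ssh-dss", "ssh-ed25519", "ecdsa-sha2-",
             "sk-ssh-ed25519@openssh.com", "sk-ecdsa-sha2-")


def key_id(line):
    """Return (type, base64 blob) for one entry, or None for blanks/comments.

    Leading options and the trailing comment are ignored, so the same key
    matches even when its comment differs. Simplification: an option value
    containing a space followed by a key-type name would be misparsed.
    """
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    fields = line.split()
    for i, field in enumerate(fields[:-1]):
        if field.startswith(KEY_TYPES):
            return field, fields[i + 1]
    return None


def audit(configured_keys, authorized_keys_text):
    """Return (stale, missing): entries on the server but not in config,
    and configured keys that are absent from the server."""
    wanted = {key_id(k) for k in configured_keys} - {None}
    on_server = {}
    for line in authorized_keys_text.splitlines():
        kid = key_id(line)
        if kid is not None:
            on_server[kid] = line.strip()
    stale = [line for kid, line in on_server.items() if kid not in wanted]
    missing = [k for k in configured_keys if key_id(k) not in on_server]
    return stale, missing


# Constructed sample data: placeholder blobs, not real keys.
CONFIGURED = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINEWKEYEXAMPLE dev@new"]
SERVER_FILE = """\
# deployed earlier
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOLDKEYEXAMPLE dev@old
no-pty ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINEWKEYEXAMPLE dev@laptop
"""

if __name__ == "__main__":
    stale, missing = audit(CONFIGURED, SERVER_FILE)
    for entry in stale:
        print("not in config:", entry)
    for entry in missing:
        print("not on server:", entry)
```

Any entry reported as not in config is a key the additive deploy never removed, which is where a replaced or compromised key would show up.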