Support to create and delete ssh-keys in the PowerVS environment.

[kishen-v]

What this PR does / why we need it:
The PR contains the changes to support creation and deletion of ssh-keys in the powervs environment using the capibmadm tool.

The supporting documentation has also been updated.

kishenv@Kishens-MacBook-Pro capibmadm % ./capibmadm powervs key create --name capiadm-sshkey --key "ssh-rsa AAAAB3NzaC...(redacted)"  --zone osa21 --service-instance-id 82cac694-b9d7-45de-bab4-XXXXXXXXXXXX
Creating ssh key...
Successfully created the ssh key. name="capiadm-sshkey"

kishenv@Kishens-MacBook-Pro capibmadm % ./capibmadm powervs key delete --name capiadm-sshkey --zone osa21 --service-instance-id 82cac694-b9d7-45de-bab4-XXXXXXXXXXXX
Deleting ssh key...
Successfully deleted the ssh key. name="capiadm-sshkey"

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #

Special notes for your reviewer:

/area provider/ibmcloud

1. Please confirm that if this PR changes any image versions, then that's the sole change this PR makes.

Release note:

[netlify]

✅ Deploy Preview for kubernetes-sigs-cluster-api-ibmcloud ready!

Name	Link
🔨 Latest commit	3819a3a
🔍 Latest deploy log	https://app.netlify.com/sites/kubernetes-sigs-cluster-api-ibmcloud/deploys/63eb62bc50be7e00085b2233
😎 Deploy Preview	https://deploy-preview-1087--kubernetes-sigs-cluster-api-ibmcloud.netlify.app/print
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site settings.

[k8s-ci-robot]

Welcome @kishen-v!

It looks like this is your first PR to kubernetes-sigs/cluster-api-provider-ibmcloud 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes-sigs/cluster-api-provider-ibmcloud has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

[k8s-ci-robot]

Hi @kishen-v. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[Karthik-K-N]

/ok-to-test

[Karthik-K-N]

Few suggestions otherwise looks good to me.

[Karthik-K-N]

Lets handle the error here.

[kishen-v]

Addressed.

[Karthik-K-N]

instead of c lets use something meaningful name like keyClient.

[kishen-v]

Addressed.

[Karthik-K-N]

also should we pass name via flag or as an argument? @Prajyot-Parab @dharaneeshvrd

[dharaneeshvrd]

IMO passing via flag would be more readable.

[Karthik-K-N]

ok, then I think we can stick to how it is now then.

[Karthik-K-N]

LGTM, Please take a look @dharaneeshvrd @Prajyot-Parab later will seek manju's help.

[Prajyot-Parab]

LGTM, Please take a look @dharaneeshvrd @Prajyot-Parab later will seek manju's help.

Testing it on my local, will update.

[dharaneeshvrd]

In general, new line between each block, makes code more readable
otherwise lgtm.

[dharaneeshvrd]

Suggested change

	type keyCreateParams struct {
	type keyCreateOptions struct {

Options is used more commonly in this repo, better to follow same name conventions here too.

[kishen-v]

Changes made as suggested.
Added new-lines to improve readability.

[Prajyot-Parab]

Nit: Power VS --> PowerVS everywhere

[kishen-v]

Nit: Power VS --> PowerVS everywhere

Updated all references of Power VS to PowerVS introduced through this PR.

[Prajyot-Parab]

Suggested change

	/*
	Copyright 2023 The Kubernetes Authors.
	Licensed under the Apache License, Version 2.0 (the "License");
	you may not use this file except in compliance with the License.
	You may obtain a copy of the License at
	http://www.apache.org/licenses/LICENSE-2.0
	Unless required by applicable law or agreed to in writing, software
	distributed under the License is distributed on an "AS IS" BASIS,
	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	See the License for the specific language governing permissions and
	limitations under the License.
	*/
	/*
	Copyright 2023 The Kubernetes Authors.
	Licensed under the Apache License, Version 2.0 (the "License");
	you may not use this file except in compliance with the License.
	You may obtain a copy of the License at
	http://www.apache.org/licenses/LICENSE-2.0
	Unless required by applicable law or agreed to in writing, software
	distributed under the License is distributed on an "AS IS" BASIS,
	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	See the License for the specific language governing permissions and
	limitations under the License.
	*/

Fix license header in all files.

[kishen-v]

Updated license across all files.

[Prajyot-Parab]

/test all

[Karthik-K-N]

/lgtm
/assign @mkumatag

[Prajyot-Parab]

Minor Nit:

Suggested change

	capibmadm powervs key create --name <key-name> --key "<ssh key>" --service-instance-id <service-instance-id> --zone <zone>`,
	capibmadm powervs key create --name <key-name> --key "<ssh-key>" --service-instance-id <service-instance-id> --zone <zone>`,

[Prajyot-Parab]

Suggested change

	capibmadm powervs key create --name <key-name> --key "<ssh key>" --service-instance-id <service-instance-id> --zone <zone>
	capibmadm powervs key create --name <key-name> --key "<ssh-key>" --service-instance-id <service-instance-id> --zone <zone>

[kishen-v]

Addressed, made changes as suggested.

[Prajyot-Parab]

/lgtm
@Karthik-K-N @mkumatag PTAL

[mkumatag]

Most of the folks usually prefer file over a plain text of a key for better UX, wondering if can enhance the code to do so. One more flag can be added like key-file which reads from the file and does some validation as well.

@Prajyot-Parab @Karthik-K-N wdys?

Note: if agree - we can have a follow up PR

[Karthik-K-N]

sure we can introduce a flag , Once this get merged, may be @kishen-v do you want to give a try for that.

[kishen-v]

@Karthik-K-N, anything works. If all the PRs for capibmdm needs to go together, I'll work on an enhancement PR to support reading of SSH key from file.

[Prajyot-Parab]

+1 for --key-file flag

[kishen-v]

Changes are made support the --key-path argument.

kishenv@Kishens-MacBook-Pro capibmadm % ./capibmadm powervs key create --name capiadm-sshkey2 --key-path /Users/kishenv/.ssh/id_rsa.pub --zone osa21 --service-instance-id <redacted>
Creating SSH key...
Successfully created the SSH key. name="capiadm-sshkey2"

[mkumatag]

do we need any validation for the validness of the key or Create call will take of that?!

[kishen-v]

@mkumatag, I tried to pass an invalid SSH-key to --key, there is supporting logic on the server's end to validate the key. The following error was returned :

failed to Create PI Key with error [POST /pcloud/v1/tenants/{tenant_id}/sshkeys][400] pcloudTenantsSshkeysPostBadRequest
&{Code:0 Description:capiadm-sshkey sshkey is invalid; please enter a valid ssh RSA key: ssh: no key found Error:bad request Message:}

I'll add supporting changes to validate the key before the request is made.

[mkumatag]

Do we really need? or we just rely on server to take care of validation?!

[kishen-v]

We can rely on server too. :)
But I was only thinking if it would be better to validate the key locally, if not this overhead will be borne by the server.

Edit: I have added a check to validate the SSH-key in the code.

[Prajyot-Parab]

@kishen-v need to fix conflicts and push again.

[mkumatag]

/lgtm

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: kishen-v, mkumatag

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [mkumatag]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment