Salt has a state module to manage .ssh/authorized_keys
https://docs.saltstack.com/en/develop/ref/states/all/salt.states.ssh_auth.html
I am not happy with it, since it combines code and data.
The state file is for me some kind of source code.
The ssh-key is for me data.
I don't want to combine both in one file.
Is there an other solution which separates code and data?
you don't have to put them together in one file:
as per documentation: https://docs.saltstack.com/en/latest/ref/states/all/salt.states.ssh_auth.html you can use this method:
thatch:
ssh_auth.present:
- user: root
- source: salt://ssh_keys/thatch.id_rsa.pub
- config: /%h/.ssh/authorized_keys
(contrary to the example in the documentation, i get an error if the config: value starts with a '%')
this keeps your keys in their appropriate files and only links them from your code by their filenames.