From d550a1f7c4bf57d12c329693bd7a0e7f8f7544c2 Mon Sep 17 00:00:00 2001 From: Dmitry Tantsur Date: Fri, 18 Sep 2020 13:14:42 +0200 Subject: [PATCH] bifrost-configdrives-dynamic: automatically find ed25519 SSH keys Also make the SSH key detection code a bit more readable. Change-Id: Ia365f75d7fac3d64d8dce898ca854149c0aeed6e --- .../defaults/main.yml | 2 +- .../tasks/ssh_public_key_path.yaml | 40 +++++++++++++------ 2 files changed, 28 insertions(+), 14 deletions(-) diff --git a/playbooks/roles/bifrost-configdrives-dynamic/defaults/main.yml b/playbooks/roles/bifrost-configdrives-dynamic/defaults/main.yml index 9e5e97322..36357c57b 100644 --- a/playbooks/roles/bifrost-configdrives-dynamic/defaults/main.yml +++ b/playbooks/roles/bifrost-configdrives-dynamic/defaults/main.yml @@ -6,7 +6,7 @@ write_interfaces_file: false http_boot_folder: /httpboot # Default location to the ssh public key for the user operating Bifrost. -ssh_public_key_path: "{{ lookup('env', 'HOME') }}/.ssh/id_rsa.pub" +#ssh_public_key_path: "/path/to/id_rsa.pub" # Default interface name # TODO(TheJulia): Remove this default. diff --git a/playbooks/roles/bifrost-configdrives-dynamic/tasks/ssh_public_key_path.yaml b/playbooks/roles/bifrost-configdrives-dynamic/tasks/ssh_public_key_path.yaml index 55978d751..0e4470142 100644 --- a/playbooks/roles/bifrost-configdrives-dynamic/tasks/ssh_public_key_path.yaml +++ b/playbooks/roles/bifrost-configdrives-dynamic/tasks/ssh_public_key_path.yaml 
@@ -12,18 +12,32 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ---
-- name: "Defined ssh_public_key_path - Check to see if there is a file where the ssh_public_key_path is defined"
- stat:
- path: "{{ ssh_public_key_path }}"
- register: test_ssh_public_key_path
- when: ssh_public_key_path is defined
+- block:
+ - name: "Find a suitable SSH public key"
+ set_fact:
+ ssh_public_key_path: "{{ item }}"
+ with_first_found:
+ - "{{ lookup('env', 'HOME') }}/.ssh/id_rsa.pub"
+ - "{{ lookup('env', 'HOME') }}/.ssh/id_ed25519.pub"
+ when: ssh_public_key_path is undefined
+ ignore_errors: yes
+
+ - name: "Error if ssh_public_key_path cannot be detected"
+ fail:
+ msg: "ssh_public_key_path and cannot be guessed from ~/.ssh"
+ when: ssh_public_key_path is undefined
+
+ - name: "Check to see if there is a file where the ssh_public_key_path is defined"
+ stat:
+ path: "{{ ssh_public_key_path }}"
+ register: test_ssh_public_key_path
+
+ - name: "Error if ssh_public_key_path is not valid"
+ fail:
+ msg: "ssh_public_key_path {{ ssh_public_key_path }} was not found"
+ when: not test_ssh_public_key_path.stat.exists
 delegate_to: localhost
 
-- name: "Defined ssh_public_key_path - Error if ssh_public_key_path is not valid"
- fail:
- msg: "ssh_public_key_path is not valid."
- when: not test_ssh_public_key_path.stat.exists
- delegate_to: localhost
-
-- name: "Defined ssh_public_key_path - Read SSH public key in"
- set_fact: ssh_public_key="{{ lookup('file', ssh_public_key_path ) }}"
+- name: "Read SSH public key in ssh_public_key"
+ set_fact:
+ ssh_public_key: "{{ lookup('file', ssh_public_key_path ) }}"
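Review bot: `ignore_errors: yes` on the "Find a suitable SSH public key" task suppresses every failure of that task, not just the case where neither file exists, and leaves a failed task in the play output on a path that the next task already handles; the first_found lookup's `skip: true` option covers the no-match case without masking anything else. The message of the following `fail` task, "ssh_public_key_path and cannot be guessed from ~/.ssh", has lost some words and should say that the variable is not defined. Because the key chosen here is presumably the one that ends up authorised on deployed nodes, the role documentation should state that id_rsa.pub takes precedence when both files exist, and that the later `stat` check confirms only that the path exists, not that it holds a public key.

```yaml
    - name: "Find a suitable SSH public key"
      # … unchanged: set_fact of ssh_public_key_path from item …
      with_first_found:
        - files:
            - "{{ lookup('env', 'HOME') }}/.ssh/id_rsa.pub"
            - "{{ lookup('env', 'HOME') }}/.ssh/id_ed25519.pub"
          skip: true
      when: ssh_public_key_path is undefined

    - name: "Error if ssh_public_key_path cannot be detected"
      fail:
        msg: "ssh_public_key_path is not defined and cannot be guessed from ~/.ssh"
      # … unchanged: when condition, stat check, existence error …
```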