From fb50e99438b5676dcafa289aa1b1a1539909481e Mon Sep 17 00:00:00 2001 From: Dmitriy Rabotyagov Date: Fri, 13 Oct 2023 22:06:38 +0200 Subject: [PATCH] Stop generating ssh keypair for ironic user There is no obvious need to have an SSH keypairs for ironic user I was not able to find any proof in the project installation guide that such keypairs were ever needed. Thus, such functionality is removed. Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/896017 Change-Id: I493d5f5aa0a915e7bc9fb7dbcd2673749c0b95d3 --- defaults/main.yml | 5 ----- .../no_ironic_ssh_keypairs-b666bcdd67ca179b.yaml | 6 ++++++ tasks/ironic_pre_install.yml | 11 ----------- 3 files changed, 6 insertions(+), 16 deletions(-) create mode 100644 releasenotes/notes/no_ironic_ssh_keypairs-b666bcdd67ca179b.yaml diff --git a/defaults/main.yml b/defaults/main.yml index 229715d7..8b4fdb00 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -228,11 +228,6 @@ ironic_db_connection_string: >- # Common configuration ironic_node_name: ironic -# If you want to regenerate the ironic users SSH keys, on each run, set this -# var to True. Otherwise keys will be generated on the first run and not -# regenerated each run. -ironic_recreate_keys: False - ironic_tftp_server_address: "{{ ironic_bmaas_address }}" # Use this variable to add extra files into the ironic_tftp_root directory diff --git a/releasenotes/notes/no_ironic_ssh_keypairs-b666bcdd67ca179b.yaml b/releasenotes/notes/no_ironic_ssh_keypairs-b666bcdd67ca179b.yaml new file mode 100644 index 00000000..ff480c8e --- /dev/null +++ b/releasenotes/notes/no_ironic_ssh_keypairs-b666bcdd67ca179b.yaml @@ -0,0 +1,6 @@ +--- +deprecations: + - | + Generation of SSH keypairs for Ironic users has been deprecated + and removed. + A variable ``ironic_recreate_keys`` has been removed and has no effect. diff --git a/tasks/ironic_pre_install.yml b/tasks/ironic_pre_install.yml index 25659362..a5e02f7b 100644 --- a/tasks/ironic_pre_install.yml +++ b/tasks/ironic_pre_install.yml @@ -19,16 +19,6 @@ state: "present" system: "yes" -- name: Remove old key file(s) if found - file: - path: "{{ item }}" - state: "absent" - with_items: - - "{{ ironic_system_home_folder }}/.ssh/authorized_keys" - - "{{ ironic_system_home_folder }}/.ssh/id_rsa" - - "{{ ironic_system_home_folder }}/.ssh/id_rsa.pub" - when: ironic_recreate_keys | bool - - name: Create ironic system users user: name: "{{ ironic_system_user_name }}" @@ -38,7 +28,6 @@ system: "yes" createhome: "yes" home: "{{ ironic_system_home_folder }}" - generate_ssh_key: "yes" - name: Create ironic dir file: