From 43d03a03cca7bdf81cad0936cdd6f479b1d70eb7 Mon Sep 17 00:00:00 2001
From: Jesse Pretorius <jesse.pretorius@rackspace.co.uk>
Date: Thu, 15 Jun 2017 20:10:41 +0100
Subject: [PATCH] Split user create and ssh key generation

In order to allow an install and config split, but not
to have ssh keys left inside an pre-installed container,
the two tasks are split and tagged appropriately.

Change-Id: I468d1178179d70edfe4b19d40a9a32b35ad18258
---
 tasks/keystone_post_install.yml | 8 ++++++++
 tasks/keystone_pre_install.yml  | 1 -
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/tasks/keystone_post_install.yml b/tasks/keystone_post_install.yml
index 5a97c520..62ac99d8 100644
--- a/tasks/keystone_post_install.yml
+++ b/tasks/keystone_post_install.yml
@@ -13,6 +13,14 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- name: Generate the keystone system user ssh key
+  user:
+    name: "{{ keystone_system_user_name }}"
+    generate_ssh_key: "yes"
+  delegate_to: "{{ item }}"
+  with_items: "{{ ansible_play_hosts }}"
+  when: "inventory_hostname == ansible_play_hosts[0]"
+
 - name: Retrieve default configuration files
   uri:
     url: "{{ item }}"
diff --git a/tasks/keystone_pre_install.yml b/tasks/keystone_pre_install.yml
index cc2c7e8a..e97a1065 100644
--- a/tasks/keystone_pre_install.yml
+++ b/tasks/keystone_pre_install.yml
@@ -57,7 +57,6 @@
     system: "yes"
     createhome: "yes"
     home: "{{ keystone_system_user_home }}"
-    generate_ssh_key: "yes"
   delegate_to: "{{ item }}"
   with_items: "{{ ansible_play_hosts }}"
   when: "inventory_hostname == ansible_play_hosts[0]"