Install ssh key on bridge.openstack.org

We copied this over from puppetmaster, but let's manage it in ansible. The key has been renamed in host_vars on bridge.openstack.org already. Change-Id: Ia102dbe2ae2836880092b8997cb99135f5197b00
2018-08-17 08:43:10 -05:00 · 2018-08-17 08:43:10 -05:00 · c4b111691b
parent 18e45a99dd
commit c4b111691b
4 changed files with 12 additions and 14 deletions
--- a/manifests/site.pp
+++ b/manifests/site.pp
@ -191,7 +191,6 @@ node 'puppetmaster.openstack.org' {
    pin_puppet                => '3.6.',
  }
  class { 'openstack_project::puppetmaster':
-    root_rsa_key                               => hiera('puppetmaster_root_rsa_key'),
    puppetmaster_clouds                        => hiera('puppetmaster_clouds'),
  }
  file { '/etc/openstack/limestone_cacert.pem':
--- a/modules/openstack_project/manifests/puppetmaster.pp
+++ b/modules/openstack_project/manifests/puppetmaster.pp
@ -29,19 +29,6 @@ class openstack_project::puppetmaster (
    ],
  }

-  if ! defined(File['/root/.ssh']) {
-    file { '/root/.ssh':
-      ensure => directory,
-      mode   => '0700',
-    }
-  }
-
-  file { '/root/.ssh/id_rsa':
-    ensure  => present,
-    mode    => '0400',
-    content => $root_rsa_key,
-  }
-
 # Cloud credentials are stored in this directory for launch-node.py.
  file { '/root/ci-launch':
    ensure => directory,
--- a/playbooks/bridge.yaml
+++ b/playbooks/bridge.yaml
@ -2,3 +2,4 @@
  roles:
    - pip3
    - install-ansible
+    - root-keys
--- a/playbooks/roles/root-keys/tasks/main.yaml
+++ b/playbooks/roles/root-keys/tasks/main.yaml
@ -0,0 +1,11 @@
+- name: Ensure .ssh directory
+  file:
+    path: /root/.ssh
+    mode: 0700
+    state: directory
+
+- name: Write out ssh private key
+  copy:
+    content: '{{ root_rsa_key }}'
+    mode: 0400
+    dest: /root/.ssh/id_rsa