Stop generating ssh keypair for zun and kuryr user

There is no obvious need to have an SSH keypairs for zun and kuryr users I was not able to find any proof in the project installation guide that such keypairs were ever needed. Thus, such functionality is removed. Change-Id: Icdaf2fec944aae95947ff421bf47d88e0cc0505e
2023-10-13 21:25:52 +02:00 · 2023-10-13 21:25:52 +02:00 · 3125263df0
parent 3f5e776ee2
commit 3125263df0
4 changed files with 7 additions and 38 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -230,10 +230,6 @@ zun_service_internaluri: "{{ zun_service_internaluri_proto }}://{{ internal_lb_v
 zun_service_internalurl: "{{ zun_service_internaluri }}"
 zun_service_endpoint_type: internalURL

-# If you want to regenerate the zun users SSH keys, on each run, set this var to True
-# Otherwise keys will be generated on the first run and not regenerated each run.
-zun_recreate_keys: False
-
 ## General Zun configuration
 # Select between the 'runc' or 'kata' runtime
 zun_container_runtime: runc
--- a/releasenotes/notes/no_zun_ssh_keypairs-4d2f4f6e92ee4ea4.yaml
+++ b/releasenotes/notes/no_zun_ssh_keypairs-4d2f4f6e92ee4ea4.yaml
@ -0,0 +1,7 @@
+---
+
+deprecations:
+  - |
+    Generation of SSH keypairs for Zun and Kuryr users has been deprecated
+    and removed.
+    A variable ``zun_recreate_keys`` has been removed and has no effect.
--- a/tasks/zun_compute.yml
+++ b/tasks/zun_compute.yml
@ -189,20 +189,6 @@
  tags:
    - zun-kuryr-group

- name: Remove old kuryr key file(s) if found
-  file:
-    path: "{{ item }}"
-    state: "absent"
-  with_items:
-    - "{{ zun_kuryr_system_home_folder }}/.ssh/authorized_keys"
-    - "{{ zun_kuryr_system_home_folder }}/.ssh/id_rsa"
-    - "{{ zun_kuryr_system_home_folder }}/.ssh/id_rsa.pub"
-  when:
-    - zun_recreate_keys | bool
-  tags:
-    - zun-kuryr-key
-    - zun-kuryr-key-create
-
 - name: Create the kuryr system user
  user:
    name: "{{ zun_kuryr_system_user_name }}"
@ -213,12 +199,9 @@
    system: "yes"
    createhome: "yes"
    home: "{{ zun_kuryr_system_home_folder }}"
-    generate_ssh_key: "yes"
  when: zun_kuryr_system_user_name != 'root'
  tags:
    - zun-kuryr-user
-    - zun-kuryr-key
-    - zun-kuryr-key-create

 - name: Create kuryr dir
  file:
--- a/tasks/zun_pre_install.yml
+++ b/tasks/zun_pre_install.yml
@ -22,20 +22,6 @@
  tags:
    - zun-group

- name: Remove old key file(s) if found
-  file:
-    path: "{{ item }}"
-    state: "absent"
-  with_items:
-    - "{{ zun_system_home_folder }}/.ssh/authorized_keys"
-    - "{{ zun_system_home_folder }}/.ssh/id_rsa"
-    - "{{ zun_system_home_folder }}/.ssh/id_rsa.pub"
-  when:
-    - zun_recreate_keys | bool
-  tags:
-    - zun-key
-    - zun-key-create
-
 - name: Create the zun system user
  user:
    name: "{{ zun_system_user_name }}"
@ -46,11 +32,8 @@
    system: "yes"
    createhome: "yes"
    home: "{{ zun_system_home_folder }}"
-    generate_ssh_key: "yes"
  tags:
    - zun-user
-    - zun-key
-    - zun-key-create

 - name: Create zun dir
  file: