Use shell module to generate keys
openssh_keypair ansible module was moved to community.crypto
collection from Ansible-Core 2.11, we can't use it now.
For using it in the product we either need to package and add to
deps and maintain the whole community.crypto module, either to
use 'shell' command to generate the keys.
Added "creates" so keys won't be overridden if they exists,
keeping the idempotency. [1]
[1] https://github.com/ansible-collections/community.crypto/blob/
91d98c44137cde53726bfa8f61898f3c28041e20/plugins/module_utils/openssh/backends/common.py#L188
Change-Id: Ib9a31518ee9408d89abff4c4eb18a7cfe243fb58
(cherry picked from commit d5cdae7897
)
This commit is contained in:
parent
52f779b55f
commit
1accb1e4e2
|
@ -58,8 +58,9 @@
|
|||
state: directory
|
||||
|
||||
- name: Generate ssh key for Octavia
|
||||
openssh_keypair:
|
||||
path: "{{ ssh_key_dir }}/octavia_id_rsa"
|
||||
shell: "ssh-keygen -q -t rsa -N '' -f {{ ssh_key_dir }}/octavia_id_rsa"
|
||||
args:
|
||||
creates: "{{ ssh_key_dir }}/octavia_id_rsa"
|
||||
no_log: "{{ octavia_undercloud_config_hide_sensitive_logs | bool }}"
|
||||
|
||||
- name: Set ssh key path fact
|
||||
|
|
|
@ -36,20 +36,28 @@
|
|||
- "{{ tripleo_transfer_dest_host }}"
|
||||
|
||||
- name: generate ssh key-pair in source host
|
||||
community.crypto.openssh_keypair:
|
||||
path: "{{ tripleo_transfer_key_location }}"
|
||||
shell: "ssh-keygen -t rsa -q -N '' -f {{ tripleo_transfer_key_location }}"
|
||||
args:
|
||||
creates: "{{ tripleo_transfer_key_location }}"
|
||||
delegate_to: "{{ tripleo_transfer_src_host }}"
|
||||
become: "{{ tripleo_transfer_src_become }}"
|
||||
register: keypair_generation
|
||||
|
||||
- name: register public key
|
||||
command: "cat {{ tripleo_transfer_key_location }}.pub"
|
||||
delegate_to: "{{ tripleo_transfer_src_host }}"
|
||||
become: "{{ tripleo_transfer_src_become }}"
|
||||
register: keypair_gen
|
||||
when: keypair_generation is succeeded
|
||||
|
||||
- name: set authorized-keys in destination host
|
||||
authorized_key:
|
||||
comment: "Added by tripleo-transfer"
|
||||
user: "{{ ansible_user|default(ansible_ssh_user|default(hostvars[tripleo_transfer_dest_host].ansible_user_id)) }}"
|
||||
state: present
|
||||
key: "{{ keypair_gen.public_key }}"
|
||||
key: "{{ keypair_gen.stdout }}"
|
||||
delegate_to: "{{ tripleo_transfer_dest_host }}"
|
||||
when: keypair_gen is succeeded
|
||||
when: keypair_generation is succeeded
|
||||
|
||||
- import_tasks: flag.yml
|
||||
when:
|
||||
|
|
Loading…
Reference in New Issue