Merge "Check pub key file perms and default to pub key data" into stable/queens
This commit is contained in:
commit
6f713cfa95
|
@ -5,6 +5,7 @@
|
|||
vars:
|
||||
amp_ssh_key_name: "{{ amp_ssh_key_name }}"
|
||||
amp_ssh_key_path: "{{ amp_ssh_key_path }}"
|
||||
amp_ssh_key_data: "{{ amp_ssh_key_data }}"
|
||||
auth_username: "{{ auth_username }}"
|
||||
auth_pasword: "{{ auth_password }}"
|
||||
auth_project_name: "{{ auth_project_name }}"
|
||||
|
|
|
@ -3,7 +3,7 @@ amp_image_name: ""
|
|||
amp_image_filename: ""
|
||||
amp_image_tag: "amphora-image"
|
||||
amp_ssh_key_name: "octavia-ssh-key"
|
||||
amp_ssh_key_path: "/home/stack/.ssh/id_rsa.pub"
|
||||
amp_ssh_key_path: ""
|
||||
auth_username: "octavia"
|
||||
auth_project_name: "service"
|
||||
lb_mgmt_net_name: "lb-mgmt-net"
|
||||
|
|
|
@ -29,16 +29,39 @@
|
|||
- include_tasks: image_mgmt.yml
|
||||
when: image_file_result.stat.exists
|
||||
|
||||
- name: check if pub key file exists
|
||||
stat: path="{{ amp_ssh_key_path }}"
|
||||
register: ssh_pub_key_file_result
|
||||
- name: use ssh pub key file if provided and is readable
|
||||
block:
|
||||
- name: check if pub key file exists
|
||||
stat: path="{{ amp_ssh_key_path }}"
|
||||
register: key_file_result
|
||||
ignore_errors: true
|
||||
|
||||
- name: fail if ssh pub key file does not exist or is not readable
|
||||
fail: msg="{{ amp_ssh_key_path }} does not exist or is not readable by user {{ ansible_user }}"
|
||||
when: key_file_result|failed or key_file_result.stat.exists == False or key_file_result.stat.readable == False
|
||||
|
||||
- set_fact:
|
||||
amp_ssh_key_path_final: "{{ amp_ssh_key_path }}"
|
||||
when: amp_ssh_key_path is defined and amp_ssh_key_path != ""
|
||||
|
||||
- name: defaulting to public key from undercloud default keypair
|
||||
block:
|
||||
- name: create temp pub key file
|
||||
tempfile: state=file
|
||||
register: ssh_key_tmp_file
|
||||
|
||||
- name: copy ssh public key content to temp file
|
||||
copy: content="{{ amp_ssh_key_data }}" dest="{{ ssh_key_tmp_file.path }}"
|
||||
|
||||
- set_fact:
|
||||
amp_ssh_key_path_final: "{{ ssh_key_tmp_file.path }}"
|
||||
when: amp_ssh_key_path is not defined or amp_ssh_key_path == ""
|
||||
|
||||
- name: upload pub key to overcloud
|
||||
shell: |
|
||||
openstack keypair show {{ amp_ssh_key_name }} || \
|
||||
openstack keypair create --public-key {{ amp_ssh_key_path }} {{ amp_ssh_key_name }}
|
||||
openstack keypair create --public-key {{ amp_ssh_key_path_final }} {{ amp_ssh_key_name }}
|
||||
environment:
|
||||
OS_USERNAME: {{ auth_username }}
|
||||
OS_PASSWORD: {{ auth_password }}
|
||||
OS_PROJECT_NAME: {{ auth_project_name }}
|
||||
when: ssh_pub_key_file_result.stat.exists == True
|
||||
OS_USERNAME: "{{ auth_username }}"
|
||||
OS_PASSWORD: "{{ auth_password }}"
|
||||
OS_PROJECT_NAME: "{{ auth_project_name }}"
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
fixes:
|
||||
- Check pub key file permissions and default to pub key data for Octavia.
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
fixes:
|
||||
- Fix syntax error in octavia-undercloud role.
|
|
@ -13,6 +13,7 @@ workflows:
|
|||
- amp_image_tag
|
||||
- amp_ssh_key_name
|
||||
- amp_ssh_key_path
|
||||
- amp_ssh_key_data
|
||||
- auth_username
|
||||
- auth_password
|
||||
- auth_project_name
|
||||
|
@ -101,6 +102,7 @@ workflows:
|
|||
amp_image_tag: <% $.amp_image_tag %>
|
||||
amp_ssh_key_name: <% $.amp_ssh_key_name %>
|
||||
amp_ssh_key_path: <% $.amp_ssh_key_path %>
|
||||
amp_ssh_key_data: <% $.amp_ssh_key_data %>
|
||||
auth_username: <% $.auth_username %>
|
||||
auth_password: <% $.auth_password %>
|
||||
auth_project_name: <% $.auth_project_name %>
|
||||
|
|
Loading…
Reference in New Issue