Merge "Check pub key file perms and default to pub key data" into stable/queens
This commit is contained in:
commit
6f713cfa95
|
@ -5,6 +5,7 @@
|
||||||
vars:
|
vars:
|
||||||
amp_ssh_key_name: "{{ amp_ssh_key_name }}"
|
amp_ssh_key_name: "{{ amp_ssh_key_name }}"
|
||||||
amp_ssh_key_path: "{{ amp_ssh_key_path }}"
|
amp_ssh_key_path: "{{ amp_ssh_key_path }}"
|
||||||
|
amp_ssh_key_data: "{{ amp_ssh_key_data }}"
|
||||||
auth_username: "{{ auth_username }}"
|
auth_username: "{{ auth_username }}"
|
||||||
auth_pasword: "{{ auth_password }}"
|
auth_pasword: "{{ auth_password }}"
|
||||||
auth_project_name: "{{ auth_project_name }}"
|
auth_project_name: "{{ auth_project_name }}"
|
||||||
|
|
|
@ -3,7 +3,7 @@ amp_image_name: ""
|
||||||
amp_image_filename: ""
|
amp_image_filename: ""
|
||||||
amp_image_tag: "amphora-image"
|
amp_image_tag: "amphora-image"
|
||||||
amp_ssh_key_name: "octavia-ssh-key"
|
amp_ssh_key_name: "octavia-ssh-key"
|
||||||
amp_ssh_key_path: "/home/stack/.ssh/id_rsa.pub"
|
amp_ssh_key_path: ""
|
||||||
auth_username: "octavia"
|
auth_username: "octavia"
|
||||||
auth_project_name: "service"
|
auth_project_name: "service"
|
||||||
lb_mgmt_net_name: "lb-mgmt-net"
|
lb_mgmt_net_name: "lb-mgmt-net"
|
||||||
|
|
|
@ -29,16 +29,39 @@
|
||||||
- include_tasks: image_mgmt.yml
|
- include_tasks: image_mgmt.yml
|
||||||
when: image_file_result.stat.exists
|
when: image_file_result.stat.exists
|
||||||
|
|
||||||
|
- name: use ssh pub key file if provided and is readable
|
||||||
|
block:
|
||||||
- name: check if pub key file exists
|
- name: check if pub key file exists
|
||||||
stat: path="{{ amp_ssh_key_path }}"
|
stat: path="{{ amp_ssh_key_path }}"
|
||||||
register: ssh_pub_key_file_result
|
register: key_file_result
|
||||||
|
ignore_errors: true
|
||||||
|
|
||||||
|
- name: fail if ssh pub key file does not exist or is not readable
|
||||||
|
fail: msg="{{ amp_ssh_key_path }} does not exist or is not readable by user {{ ansible_user }}"
|
||||||
|
when: key_file_result|failed or key_file_result.stat.exists == False or key_file_result.stat.readable == False
|
||||||
|
|
||||||
|
- set_fact:
|
||||||
|
amp_ssh_key_path_final: "{{ amp_ssh_key_path }}"
|
||||||
|
when: amp_ssh_key_path is defined and amp_ssh_key_path != ""
|
||||||
|
|
||||||
|
- name: defaulting to public key from undercloud default keypair
|
||||||
|
block:
|
||||||
|
- name: create temp pub key file
|
||||||
|
tempfile: state=file
|
||||||
|
register: ssh_key_tmp_file
|
||||||
|
|
||||||
|
- name: copy ssh public key content to temp file
|
||||||
|
copy: content="{{ amp_ssh_key_data }}" dest="{{ ssh_key_tmp_file.path }}"
|
||||||
|
|
||||||
|
- set_fact:
|
||||||
|
amp_ssh_key_path_final: "{{ ssh_key_tmp_file.path }}"
|
||||||
|
when: amp_ssh_key_path is not defined or amp_ssh_key_path == ""
|
||||||
|
|
||||||
- name: upload pub key to overcloud
|
- name: upload pub key to overcloud
|
||||||
shell: |
|
shell: |
|
||||||
openstack keypair show {{ amp_ssh_key_name }} || \
|
openstack keypair show {{ amp_ssh_key_name }} || \
|
||||||
openstack keypair create --public-key {{ amp_ssh_key_path }} {{ amp_ssh_key_name }}
|
openstack keypair create --public-key {{ amp_ssh_key_path_final }} {{ amp_ssh_key_name }}
|
||||||
environment:
|
environment:
|
||||||
OS_USERNAME: {{ auth_username }}
|
OS_USERNAME: "{{ auth_username }}"
|
||||||
OS_PASSWORD: {{ auth_password }}
|
OS_PASSWORD: "{{ auth_password }}"
|
||||||
OS_PROJECT_NAME: {{ auth_project_name }}
|
OS_PROJECT_NAME: "{{ auth_project_name }}"
|
||||||
when: ssh_pub_key_file_result.stat.exists == True
|
|
||||||
|
|
|
@ -0,0 +1,3 @@
|
||||||
|
---
|
||||||
|
fixes:
|
||||||
|
- Check pub key file permissions and default to pub key data for Octavia.
|
|
@ -0,0 +1,3 @@
|
||||||
|
---
|
||||||
|
fixes:
|
||||||
|
- Fix syntax error in octavia-undercloud role.
|
|
@ -13,6 +13,7 @@ workflows:
|
||||||
- amp_image_tag
|
- amp_image_tag
|
||||||
- amp_ssh_key_name
|
- amp_ssh_key_name
|
||||||
- amp_ssh_key_path
|
- amp_ssh_key_path
|
||||||
|
- amp_ssh_key_data
|
||||||
- auth_username
|
- auth_username
|
||||||
- auth_password
|
- auth_password
|
||||||
- auth_project_name
|
- auth_project_name
|
||||||
|
@ -101,6 +102,7 @@ workflows:
|
||||||
amp_image_tag: <% $.amp_image_tag %>
|
amp_image_tag: <% $.amp_image_tag %>
|
||||||
amp_ssh_key_name: <% $.amp_ssh_key_name %>
|
amp_ssh_key_name: <% $.amp_ssh_key_name %>
|
||||||
amp_ssh_key_path: <% $.amp_ssh_key_path %>
|
amp_ssh_key_path: <% $.amp_ssh_key_path %>
|
||||||
|
amp_ssh_key_data: <% $.amp_ssh_key_data %>
|
||||||
auth_username: <% $.auth_username %>
|
auth_username: <% $.auth_username %>
|
||||||
auth_password: <% $.auth_password %>
|
auth_password: <% $.auth_password %>
|
||||||
auth_project_name: <% $.auth_project_name %>
|
auth_project_name: <% $.auth_project_name %>
|
||||||
|
|
Loading…
Reference in New Issue