Allow tripleo-admin user to have a keypair

By setting tripleo_admin_generate_key:true, the user will have
a keypair created for it, and the public key is added to the
authorized_keys file for that user.

This allows the private key file to be injected elsewhere for other
users to access this user.

Specifically, this private key will be made available to the
mistral-executor container so that it can ssh out into the
tripleo-admin user on the undercloud.

Change-Id: I6ec5a01e736aeb00fcad1e589211c6a8a8aeecef

roles/tripleo-create-admin/README.md

@@ -36,6 +36,15 @@ None
           name: tripleo-create-admin
           tasks_from: create_user.yml
 
+### Create user tripleo-admin with a keypair ###
+    - hosts: undercloud
+      tasks:
+      - import_role:
+          name: tripleo-create-admin
+          tasks_from: create_user.yml
+        vars: 
+          tripleo_admin_generate_key: true
+
 ### Authorize existing user ###
 
     - hosts: localhost

roles/tripleo-create-admin/defaults/main.yml

@@ -1 +1,2 @@
 tripleo_admin_user: tripleo-admin
+tripleo_admin_generate_key: false

roles/tripleo-create-admin/tasks/create_user.yml

@@ -1,6 +1,7 @@
 - name: create user {{ tripleo_admin_user }}
   user:
     name: '{{ tripleo_admin_user }}'
+    generate_ssh_key: '{{ tripleo_admin_generate_key }}'
 - name: grant admin rights to user {{ tripleo_admin_user }}
   copy:
     dest: /etc/sudoers.d/{{ tripleo_admin_user }}
@@ -21,3 +22,9 @@
     owner: '{{ tripleo_admin_user }}'
     group: '{{ tripleo_admin_user }}'
     mode: 0600
+- name: append {{ tripleo_admin_user }} public key to authorized_keys
+  lineinfile:
+    path: /home/{{ tripleo_admin_user }}/.ssh/authorized_keys
+    line: "{{ lookup('file', '/home/' + tripleo_admin_user + '/.ssh/id_rsa.pub')}}"
+    state: present
+  when: tripleo_admin_generate_key