From f0010f606f8cede21194cebfdd468e3f0113034f Mon Sep 17 00:00:00 2001
From: Gregory Thiemonge <gthiemon@redhat.com>
Date: Tue, 30 Mar 2021 11:26:40 +0200
Subject: [PATCH] Add OctaviaAmphoraSshKeyDir for ssh key creation for Octavia

The Octavia playbook now creates a ssh key unless the user explicitly
sets the OctaviaAmphoraSshKeyFile parameter.
The playbook creates it in the OctaviaAmphoraSshKeyDir directory
(default: /etc/octavia/ssh).

Related-bug: #1907112
Change-Id: I4f31ddc3392e70cff1187ba8b9511af12df4b063
---
 ci/environments/scenario010-standalone.yaml   |  1 -
 .../octavia/octavia-deployment-config.j2.yaml | 21 +++++--------------
 2 files changed, 5 insertions(+), 17 deletions(-)

diff --git a/ci/environments/scenario010-standalone.yaml b/ci/environments/scenario010-standalone.yaml
index c0bbef6527..8ec1eaff50 100644
--- a/ci/environments/scenario010-standalone.yaml
+++ b/ci/environments/scenario010-standalone.yaml
@@ -23,7 +23,6 @@ resource_registry:
 parameter_defaults:
   StandaloneExtraConfig:
     octavia::controller::connection_retry_interval: 10
-  OctaviaAmphoraSshKeyFile: /home/zuul/.ssh/id_rsa.pub
   OctaviaAmphoraImageFilename: /home/zuul/amphora.qcow2
   OctaviaCaKeyPassphrase: 'upstreamci'
   OctaviaManageNovaFlavor: true
diff --git a/deployment/octavia/octavia-deployment-config.j2.yaml b/deployment/octavia/octavia-deployment-config.j2.yaml
index 26218b476c..2db5994af2 100644
--- a/deployment/octavia/octavia-deployment-config.j2.yaml
+++ b/deployment/octavia/octavia-deployment-config.j2.yaml
@@ -1,8 +1,4 @@
 heat_template_version: wallaby
-{%- set octavia_standalone=[] -%}
-{%- for role in roles if 'standalone' in role.tags -%}
-  {% if octavia_standalone.append('1') %}{% endif %}
-{%- endfor %}
 
 description: >
   Configuration of Octavia as-a-service resources in the overcloud.
@@ -79,14 +75,16 @@ parameters:
     description: SSH key name.
   OctaviaAmphoraSshKeyFile:
     type: string
-{% if not octavia_standalone %}
     default: ''
-{% endif %}
     description: Public key file path. User will be able to SSH into amphorae
       with the provided key. User may, in most cases, also elevate to root
       from user 'centos' (CentOS), 'ubuntu' (Ubuntu) or 'cloud-user' (RHEL)
       (depends on how amphora image was created). Logging in to amphorae
       provides a convenient way to e.g. debug load balancing services.
+  OctaviaAmphoraSshKeyDir:
+    type: string
+    default: '/etc/octavia/ssh'
+    description: Octavia generated SSH key directory.
   NovaEnableRbdBackend:
     default: false
     description: Whether to enable the Rbd backend for Nova ephemeral storage.
@@ -201,13 +199,6 @@ conditions:
       - raw
     - get_param: NovaEnableRbdBackend
 
-resources:
-{% if not octavia_standalone %}
-  default_key_pair:
-    type: OS::Nova::KeyPair
-    external_id: default
-{% endif %}
-
 outputs:
   role_data:
     description: Role data for the Octavia configuration service
@@ -231,9 +222,7 @@ outputs:
                   amp_hw_arch: { get_param: OctaviaAmphoraImageArchitecture }
                   amp_ssh_key_name: { get_param: OctaviaAmphoraSshKeyName }
                   amp_ssh_key_path: { get_param: OctaviaAmphoraSshKeyFile }
-                {% if not octavia_standalone %}
-                  amp_ssh_key_data: { get_attr: [default_key_pair, public_key] }
-                {% endif %}
+                  amp_ssh_key_dir: { get_param: OctaviaAmphoraSshKeyDir }
                   amp_to_raw: {if: [octavia_raw_image_check, true, false]}
                   auth_username: { get_param: OctaviaUserName }
                   auth_password: { get_param: OctaviaPassword }