From b214e276ec8a1971a1b0f9da572a297c02fa5ee8 Mon Sep 17 00:00:00 2001
From: Monty Taylor <mordred@inaugust.com>
Date: Fri, 25 Aug 2017 17:18:27 -0500
Subject: [PATCH] Add role for adding ssh key to remote nodes

Some tasks, such as proposal tasks, need to make outbound ssh
connections via non-ansible means. Add a role that takes a secret and
writes out a private key and optionally a known hosts entry.

Change-Id: I569b93ba0e775896b5a4f59b544fe32d1e2dce9b
---
 roles/add-sshkey/README.rst      | 20 ++++++++++++++++++++
 roles/add-sshkey/tasks/main.yaml | 10 ++++++++++
 2 files changed, 30 insertions(+)
 create mode 100644 roles/add-sshkey/README.rst
 create mode 100644 roles/add-sshkey/tasks/main.yaml

diff --git a/roles/add-sshkey/README.rst b/roles/add-sshkey/README.rst
new file mode 100644
index 000000000..7f0ff7275
--- /dev/null
+++ b/roles/add-sshkey/README.rst
@@ -0,0 +1,20 @@
+Add an ssh key to the host so that non-ansible ssh connections can be made.
+
+**Role Variables**
+
+.. zuul:rolevar:: ssh_key
+
+  Complex argument which contains the ssh key information. It is
+  expected that this argument comes from a `Secret`.
+
+  .. zuul:rolevar:: ssh_known_hosts
+
+    String containing known host signature for the remote host.
+
+  .. zuul:rolevar:: ssh_private_key
+
+    Contents of the ssh private key to use.
+
+  .. zuul:rolevar:: fqdn
+
+    The FQDN of the remote host.
diff --git a/roles/add-sshkey/tasks/main.yaml b/roles/add-sshkey/tasks/main.yaml
new file mode 100644
index 000000000..98a743f27
--- /dev/null
+++ b/roles/add-sshkey/tasks/main.yaml
@@ -0,0 +1,10 @@
+- name: Write out ssh key
+  file:
+    path: "~/.ssh/id_rsa"
+    content: "{{ ssh_key.ssh_private_key }}"
+
+- name: Add host key information to known hosts
+  known_hosts:
+    name: "{{ ssh_key.fqdn }}"
+    key: "{{ ssh_key.ssh_known_hosts }}"
+  when: ssh_key.ssh_known_hosts is defined and ssh_key.fqdn is defined