Merge pull request #448 from redhatci/add_ssh_keys_day1

expand installer template to set extra SSH pub keys
redhatci · Oct 3, 2024 · 1c96f44 · 1c96f44
2 parents a9e4db3 + 13cee9f
commit 1c96f44
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 3 deletions.
diff --git a/roles/installer/tasks/25_create-install-config.yml b/roles/installer/tasks/25_create-install-config.yml
@@ -14,7 +14,7 @@
 
 - name: Set Fact for the ssh key of {{ ansible_user }}
   set_fact:
-    key: "{{ sshkey['content'] | b64decode }}"
+    key: "{{ sshkey['content'] | b64decode | trim }}"
   tags: installconfig
 
 - name: Generate install-config.yaml

diff --git a/roles/installer/templates/install-config-virtualmedia.j2 b/roles/installer/templates/install-config-virtualmedia.j2
@@ -194,7 +194,13 @@ platform:
 {% endfor %}
 {% endif %}
 pullSecret: '{{ pullsecret }}'
-sshKey: '{{ key }}'
+sshKey: |-
+  {{ key }}
+{% if ssh_extra_keys_paths is defined and ssh_extra_keys_paths|length %}
+{% for ssh_key_path in ssh_extra_keys_paths %}
+  {{ lookup('file', ssh_key_path | regex_replace('~', lookup('env', 'HOME'))) }}
+{% endfor %}
+{% endif %}
 {% if install_config_appends is defined and install_config_appends|length %}
 {{ install_config_appends }}
 {% endif %}
diff --git a/roles/installer/templates/install-config.j2 b/roles/installer/templates/install-config.j2
@@ -185,7 +185,13 @@ platform:
 {% endfor %}
 {% endif %}
 pullSecret: '{{ pullsecret }}'
-sshKey: '{{ key }}'
+sshKey: |-
+  {{ key }}
+{% if ssh_extra_keys_paths is defined and ssh_extra_keys_paths|length %}
+{% for ssh_key_path in ssh_extra_keys_paths %}
+  {{ lookup('file', ssh_key_path | regex_replace('~', lookup('env', 'HOME'))) }}
+{% endfor %}
+{% endif %}
 {% if install_config_appends is defined and install_config_appends|length %}
 {{ install_config_appends }}
 {% endif %}
diff --git a/roles/node_prep/tasks/10_validation.yml b/roles/node_prep/tasks/10_validation.yml
@@ -601,3 +601,26 @@
   tags:
     - always
     - validation
+
+- name: Check if ssh_extra_keys_paths is defined and paths exist
+  when:
+    - ssh_extra_keys_paths is defined
+    - ssh_extra_keys_paths | length > 0
+  tags:
+    - always
+    - validation
+  block:
+    - name: Check if SSH keys exist
+      ansible.builtin.stat:
+        path: "{{ item }}"
+      loop: "{{ ssh_extra_keys_paths }}"
+      register: _np_ssh_path
+
+    - name: Fail if any ssh path does not exist
+      ansible.builtin.fail:
+        msg: "SSH public key {{ key.item }} file does not exist"
+      when: not key.stat.exists
+      loop: "{{ _np_ssh_path.results }}"
+      loop_control:
+        loop_var: key
+        label: "{{ key.item }}"