From 13cee9fbe6c241b997fd53a6b0fed21c4bedc6d7 Mon Sep 17 00:00:00 2001 From: Manuel Rodriguez Date: Fri, 27 Sep 2024 17:46:19 -0400 Subject: [PATCH] expand installer template to set extra SSH pub keys This will allow to specify multiple SSH key paths to be applied at day1 and SSH can be performed from multiple sources. Remove extra new line \n from SSH key
---
 .../tasks/25_create-install-config.yml | 2 +-
 .../templates/install-config-virtualmedia.j2 | 8 ++++++-
 roles/installer/templates/install-config.j2 | 8 ++++++-
 roles/node_prep/tasks/10_validation.yml | 23 +++++++++++++++++++
 4 files changed, 38 insertions(+), 3 deletions(-)
diff --git a/roles/installer/tasks/25_create-install-config.yml b/roles/installer/tasks/25_create-install-config.yml
index a053d9b03..8f0c929e1 100644
--- a/roles/installer/tasks/25_create-install-config.yml
+++ b/roles/installer/tasks/25_create-install-config.yml
@@ -14,7 +14,7 @@ - name: Set Fact for the ssh key of {{ ansible_user }} set_fact: - key: "{{ sshkey['content'] | b64decode }}" + key: "{{ sshkey['content'] | b64decode | trim }}" tags: installconfig - name: Generate install-config.yaml
diff --git a/roles/installer/templates/install-config-virtualmedia.j2 b/roles/installer/templates/install-config-virtualmedia.j2
index 10d338ca6..d52b56f5e 100644
--- a/roles/installer/templates/install-config-virtualmedia.j2
+++ b/roles/installer/templates/install-config-virtualmedia.j2
@@ -194,7 +194,13 @@ platform:
 {% endfor %}
 {% endif %}
 pullSecret: '{{ pullsecret }}'
-sshKey: '{{ key }}'
+sshKey: |-
+ {{ key }}
+{% if ssh_extra_keys_paths is defined and ssh_extra_keys_paths|length %}
+{% for ssh_key_path in ssh_extra_keys_paths %}
+ {{ lookup('file', ssh_key_path | regex_replace('~', lookup('env', 'HOME'))) }}
+{% endfor %}
+{% endif %}
 {% if install_config_appends is defined and install_config_appends|length %}
 {{ install_config_appends }}
 {% endif %}
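Review bot: The `lookup('file', …)` result is written into the `sshKey` block scalar verbatim, so only the first line of each file receives the template's indentation (assuming the scalar lines are indented in the real template; whitespace is collapsed on this page). A file holding more than one line, such as an authorized_keys-style list or a private key supplied by mistake, would end the scalar early and the remainder would be parsed as install-config YAML or break rendering. Every entry here becomes a key accepted for SSH on the installed nodes, so I would keep the content inside the scalar with `{{ lookup('file', ssh_key_path | expanduser) | indent(2) }}` and have the node_prep validation reject files that are not a single public-key line. `regex_replace('~', …)` also rewrites every `~` in the path rather than only a leading one, which `expanduser` avoids. The same lines appear in the `install-config.j2` hunk.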
diff --git a/roles/installer/templates/install-config.j2 b/roles/installer/templates/install-config.j2
index d26d55a01..1f00523f4 100644
--- a/roles/installer/templates/install-config.j2
+++ b/roles/installer/templates/install-config.j2
@@ -185,7 +185,13 @@ platform:
 {% endfor %}
 {% endif %}
 pullSecret: '{{ pullsecret }}'
-sshKey: '{{ key }}'
+sshKey: |-
+ {{ key }}
+{% if ssh_extra_keys_paths is defined and ssh_extra_keys_paths|length %}
+{% for ssh_key_path in ssh_extra_keys_paths %}
+ {{ lookup('file', ssh_key_path | regex_replace('~', lookup('env', 'HOME'))) }}
+{% endfor %}
+{% endif %}
 {% if install_config_appends is defined and install_config_appends|length %}
 {{ install_config_appends }}
 {% endif %}
diff --git a/roles/node_prep/tasks/10_validation.yml b/roles/node_prep/tasks/10_validation.yml
index da544989b..9bfb8a6b0 100644
--- a/roles/node_prep/tasks/10_validation.yml
+++ b/roles/node_prep/tasks/10_validation.yml
@@ -601,3 +601,26 @@ tags: - always - validation + +- name: Check if ssh_extra_keys_paths is defined and paths exist + when: + - ssh_extra_keys_paths is defined + - ssh_extra_keys_paths | length > 0 + tags: + - always + - validation + block: + - name: Check if SSH keys exist + ansible.builtin.stat: + path: "{{ item }}" + loop: "{{ ssh_extra_keys_paths }}" + register: _np_ssh_path + + - name: Fail if any ssh path does not exist + ansible.builtin.fail: + msg: "SSH public key {{ key.item }} file does not exist" + when: not key.stat.exists + loop: "{{ _np_ssh_path.results }}" + loop_control: + loop_var: key + label: "{{ key.item }}"
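Review bot: The `ansible.builtin.stat` check in the `10_validation.yml` hunk runs on whichever host node_prep targets, while the templates read the same paths with `lookup('file', …)`, which executes on the control node; if those differ, the validation can pass or fail for a file other than the one later embedded in `sshKey`. The two sides also treat `~` differently: the template substitutes the controller's `HOME`, whereas the stat task receives `{{ item }}` unchanged. I would add `delegate_to: localhost` to the stat task, pass `path: "{{ item | expanduser }}"`, and extend the failure condition to `when: not key.stat.exists or not key.stat.isreg` so a directory is not accepted as a key file. The loop variable `key` also shares its name with the `key` fact set in `25_create-install-config.yml`; a distinct name such as `_np_ssh_stat` would avoid confusion between the two.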