
Commit 4fadc6b

committed
feat(libvirt_manager): Account for non-zuul user when configuring ssh
It is possible to set a non-zuul user in a VM's config. This change pulls in the user from the config to account for this possibility when managing SSH keys and Ansible inventories.
1 parent 234ab31 commit 4fadc6b


3 files changed

+25
-23
lines changed


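--- a/roles/libvirt_manager/tasks/generate_networking_data.yml
+++ b/roles/libvirt_manager/tasks/generate_networking_data.yml
@@ -109,6 +109,7 @@
 _ssh_user: >-
 {{
 _cifmw_libvirt_manager_layout.vms[_vm_type].admin_user |
+default(_cifmw_libvirt_manager_layout.vms[_vm_type].user) |
 default('zuul')
 }}
 _add_ansible_host: >-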
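Review bot: The fallback order for the login user is now written out separately in three places, and they do not agree: here and in `templates/inventory.yml.j2` it is `admin_user`, then `user`, then `'zuul'`, while `tasks/manage_vms.yml` uses `vm_data.get('user', 'zuul')` and never consults `admin_user`. If a VM definition sets `admin_user` and `user` to different values, `_ssh_user` and the inventory would name one account while the key files are installed for another; this may be intentional, but nothing visible says so. A comment above `_ssh_user` such as `# admin_user wins over user; manage_vms.yml installs keys for user only` would document the precedence, or the chain could be computed once and reused. The enclosing task starts and ends outside the hunk.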

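--- a/roles/libvirt_manager/tasks/manage_vms.yml
+++ b/roles/libvirt_manager/tasks/manage_vms.yml
@@ -22,7 +22,7 @@
 regex_replace('^.*-([0-9]+)$',
 vm_type ~ '-\1')
 }}
-_user: "{{ 'core' if vm is match('^(crc|ocp).*') else 'zuul' }}"
+_user: "{{ 'core' if vm is match('^(crc|ocp).*') else vm_data.get('user', 'zuul') }}"
 dataset:
 ssh_dir: "{{ ansible_user_dir }}/.ssh"
 user: "{{ _user }}"
@@ -86,28 +86,29 @@
 ssh core@{{ vm_con_name }}
 "sudo growpart /dev/sda {{ _root_part }}; sudo xfs_growfs /;"
 
-- name: "Inject private key on hosts {{ vm }}"
+- name: "Manage ssh keys on {{ vm }}"
 when:
 - vm_type is match('^controller.*$')
 - _cifmw_libvirt_manager_layout.vms[vm_type].start | default(true)
-delegate_to: "{{ vm_con_name }}"
-remote_user: "{{ _init_admin_user }}"
-ansible.builtin.copy:
-dest: "/home/zuul/.ssh/id_cifw"
-content: "{{ priv_key }}"
-owner: "{{ cifmw_libvirt_manager_user }}"
-group: "{{ cifmw_libvirt_manager_user }}"
-mode: "0400"
+vars:
+_user: "{{ vm_data.get('user', 'zuul') }}"
+block:
+- name: "Inject private key on hosts {{ vm }}"
+delegate_to: "{{ vm_con_name }}"
+remote_user: "{{ _init_admin_user }}"
+ansible.builtin.copy:
+dest: "/home/{{ _user }}/.ssh/id_cifw"
+content: "{{ priv_key }}"
+owner: "{{ _user }}"
+group: "{{ _user }}"
+mode: "0400"
 
-- name: "Inject public key on hosts {{ vm }}"
-when:
-- vm_type is match('^controller.*$')
-- _cifmw_libvirt_manager_layout.vms[vm_type].start | default(true)
-delegate_to: "{{ vm_con_name }}"
-remote_user: "{{ _init_admin_user }}"
-ansible.builtin.copy:
-dest: "/home/zuul/.ssh/id_cifw.pub"
-content: "{{ pub_key }}"
-owner: "{{ cifmw_libvirt_manager_user }}"
-group: "{{ cifmw_libvirt_manager_user }}"
-mode: "0444"
+- name: "Inject public key on hosts {{ vm }}"
+delegate_to: "{{ vm_con_name }}"
+remote_user: "{{ _init_admin_user }}"
+ansible.builtin.copy:
+dest: "/home/{{ _user }}/.ssh/id_cifw.pub"
+content: "{{ pub_key }}"
+owner: "{{ _user }}"
+group: "{{ _user }}"
+mode: "0444"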
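Review bot: The task "Inject private key on hosts {{ vm }}" writes `content: "{{ priv_key }}"` without `no_log: true`, so the key material can likely appear in task output when the play is run with `--diff`; adding `no_log: true` to that task keeps it out of job logs. Separately, `dest: "/home/{{ _user }}/.ssh/id_cifw"` assumes that the configured user's home is `/home/<user>` and that `.ssh` already exists there. Since `_user` now comes from `vm_data`, an account with a different home directory, or a value containing a path separator, would put the key somewhere unintended while the write runs as `_init_admin_user`. Consider resolving the home directory on the target (for example with `ansible.builtin.getent` against `passwd`) or asserting that `_user` is a plain account name before the copy; the same path assumption applies to the public-key task.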

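--- a/roles/libvirt_manager/templates/inventory.yml.j2
+++ b/roles/libvirt_manager/templates/inventory.yml.j2
@@ -5,7 +5,7 @@
 {% set hostname = (host.key is match('^ocp.*')) | ternary(ocp_name, host.key) %}
 {{ host.key }}:
 ansible_host: {{ hostname }}.utility
-ansible_user: {{ _cifmw_libvirt_manager_layout.vms[item].admin_user | default('zuul') }}
+ansible_user: {{ _cifmw_libvirt_manager_layout.vms[item].admin_user | default(_cifmw_libvirt_manager_layout.vms[item].user) | default('zuul') }}
 ansible_ssh_common_args: '-o StrictHostKeyChecking=no'
 {% if item is match('^crc.*') %}
 ansible_ssh_private_key_file: ~/.ssh/crc_key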
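Review bot: The rendered `ansible_user:` value is emitted unquoted, so a configured user name that YAML reads as another type (all digits, `no`, `on`) would not reach Ansible as a string now that the value can come from the layout's `user` field. Wrapping the expression in quotes, `ansible_user: "{{ ... | default('zuul') }}"`, keeps the rendered inventory value a string regardless of what the layout supplies. The surrounding template loop starts and ends outside the hunk.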
