From 94ee94d818bf46f405aad66eaa455ca89727bfec Mon Sep 17 00:00:00 2001
From: Kienan Stewart
Date: Wed, 9 Aug 2023 14:10:26 -0400
Subject: [PATCH] ansible: Add play to run produce known_hosts file using ssh-keyscan
Change-Id: Iaec237bb973d0f94717b24ea624bc87ea701e6e3
---
automation/ansible/playbooks/known-hosts.yml | 22 ++++++++++++++++++++
1 file changed, 22 insertions(+)
create mode 100644 automation/ansible/playbooks/known-hosts.yml
diff --git a/automation/ansible/playbooks/known-hosts.yml b/automation/ansible/playbooks/known-hosts.yml
new file mode 100644
index 0000000..e490a5f
--- /dev/null
+++ b/automation/ansible/playbooks/known-hosts.yml
@@ -0,0 +1,22 @@
+---
+# Note: this playbook requires ansible-core >= 2.11
+#
+- name: Generate local known_hosts files using ssh-keyscan
+ hosts: localhost
+ tasks:
+ - block:
+ - name: Scan keys
+ ansible.builtin.command:
+ argv: "{{ ['ssh-keyscan' ] + all_hosts }}"
+ register: keyscan_results
+ - ansible.builtin.known_hosts:
+ path: ../known_hosts
+ name: "{{ keyscan_host }}"
+ key: "{{ keyscan_key }}"
+ when: keyscan_results.rc == 0
+ vars:
+ keyscan_host: "{{ item | split(' ') | first }}"
+ keyscan_key: "{{ item }}"
+ with_items: "{{ keyscan_results.stdout | split('\n') }}"
+ vars:
+ all_hosts: "{{ groups['all'] | difference(['localhost']) }}"
-- 2.34.1
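Review bot: The host keys collected by the `Scan keys` task are written to `../known_hosts` exactly as returned, and `ssh-keyscan` does not authenticate them, so the generated file pins whichever key answered at scan time. I would say so in the header comment, e.g. `# Keys from ssh-keyscan are unverified: compare fingerprints against a trusted source before committing known_hosts.`, and give the unnamed `ansible.builtin.known_hosts` task a `name:`. Separately, `keyscan_results.stdout | split('\n')` yields a single empty item when stdout is empty, which would reach the module with an empty `name` and `key`; `with_items: "{{ keyscan_results.stdout_lines }}"` avoids that. The `when: keyscan_results.rc == 0` guard looks redundant, since a failed command task would normally stop the block before this task runs.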