From 42b9b3eba9ac7c3e2090668b01e6a297d8f81007 Mon Sep 17 00:00:00 2001 From: Kienan Stewart Date: Wed, 7 Jun 2023 14:18:00 -0400 Subject: [PATCH] ansible: Deploy public key for lava-master-03 to cloud06 When ansible is rerun against cloud06, the public key for the root user of lava-master-03 was being removed, causing lava jobs to fail as they could not connect to run virsh commands. C.f. https://lava-master-03.internal.efficios.com/scheduler/job/502#action_2-3-1-1 Change-Id: I7b7986fa34d8925468ed962c598f73c0bd78b823 --- .../ansible/host_vars/cloud06.internal.efficios.com.yml | 4 ++++ automation/ansible/roles/common/tasks/main.yml | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) create mode 100644 automation/ansible/host_vars/cloud06.internal.efficios.com.yml diff --git a/automation/ansible/host_vars/cloud06.internal.efficios.com.yml b/automation/ansible/host_vars/cloud06.internal.efficios.com.yml new file mode 100644 index 0000000..4aff994 --- /dev/null +++ b/automation/ansible/host_vars/cloud06.internal.efficios.com.yml @@ -0,0 +1,4 @@ +--- +extra_root_ssh_authorized_keys: + # yamllint disable-line rule:line-length + - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILmmI2pn+ncFKm/fOS5+RskBGnhbMd0p399ZWEKLUQ+Q lava-master-03' diff --git a/automation/ansible/roles/common/tasks/main.yml b/automation/ansible/roles/common/tasks/main.yml index 61ee1ee..d901cf0 100644 --- a/automation/ansible/roles/common/tasks/main.yml +++ b/automation/ansible/roles/common/tasks/main.yml @@ -27,7 +27,7 @@ - name: Set up authorized_keys for the root user authorized_key: user: 'root' - key: "{% for key in query('fileglob', 'public_keys/*.pub') %}{{ lookup('file', key) ~ '\n'}}{% endfor %}" + key: "{% for key in query('fileglob', 'public_keys/*.pub') %}{{ lookup('file', key) ~ '\n'}}{% endfor %}\n{% for key in lookup('vars', 'extra_root_ssh_authorized_keys', default=[]) %}{{ key ~ '\n' }}{% endfor %}" exclusive: true when: ansible_os_family != 'Windows' -- 2.34.1