4 files changed, 84 insertions, 3 deletions

diff --git a/extraconfig/tasks/post_puppet_pacemaker.yaml b/extraconfig/tasks/post_puppet_pacemaker.yaml
index a63868c9..a304e55b 100644
--- a/extraconfig/tasks/post_puppet_pacemaker.yaml
+++ b/extraconfig/tasks/post_puppet_pacemaker.yaml
@@ -25,7 +25,7 @@ resources:
   ControllerPostPuppetMaintenanceModeDeployment:
     type: OS::Heat::SoftwareDeployments
     properties:
-      servers:  {get_param: servers}
+      servers: {get_param: servers}
       config: {get_resource: ControllerPostPuppetMaintenanceModeConfig}
       input_values: {get_param: input_values}
 
@@ -33,5 +33,5 @@ resources:
     type: OS::TripleO::Tasks::ControllerPostPuppetRestart
     depends_on: ControllerPostPuppetMaintenanceModeDeployment
     properties:
-      servers:  {get_param: servers}
+      servers: {get_param: servers}
       input_values: {get_param: input_values}
diff --git a/extraconfig/tasks/run_puppet.sh b/extraconfig/tasks/run_puppet.sh
index b7771e33..e3f6c493 100755
--- a/extraconfig/tasks/run_puppet.sh
+++ b/extraconfig/tasks/run_puppet.sh
@@ -10,7 +10,10 @@ function run_puppet {
     export FACTER_deploy_config_name="${role}Deployment_Step${step}"
     if [ -e "/etc/puppet/hieradata/heat_config_${FACTER_deploy_config_name}.json" ]; then
         set +e
-        puppet apply --detailed-exitcodes "${manifest}"
+        puppet apply --detailed-exitcodes \
+               --modulepath \
+               /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules \
+               "${manifest}"
         rc=$?
         echo "puppet apply exited with exit code $rc"
     else
diff --git a/extraconfig/tasks/ssh/host_public_key.yaml b/extraconfig/tasks/ssh/host_public_key.yaml
new file mode 100644
index 00000000..847c8772
--- /dev/null
+++ b/extraconfig/tasks/ssh/host_public_key.yaml
@@ -0,0 +1,42 @@
+heat_template_version: ocata
+
+description: >
+  This is a template which will fetch the ssh host public key.
+
+parameters:
+  server:
+    description: ID of the node to apply this config to
+    type: string
+
+resources:
+  SshHostPubKeyConfig:
+    type: OS::Heat::SoftwareConfig
+    properties:
+      group: script
+      outputs:
+      - name: rsa
+      - name: ecdsa
+      - name: ed25519
+      config: |
+        #!/bin/sh -x
+        test -e '/etc/ssh/ssh_host_rsa_key.pub' && cat /etc/ssh/ssh_host_rsa_key.pub > $heat_outputs_path.rsa
+        test -e '/etc/ssh/ssh_host_ecdsa_key.pub' && cat /etc/ssh/ssh_host_ecdsa_key.pub > $heat_outputs_path.ecdsa
+        test -e '/etc/ssh/ssh_host_ed25519_key.pub' && cat /etc/ssh/ssh_host_ed25519_key.pub > $heat_outputs_path.ed25519
+
+  SshHostPubKeyDeployment:
+    type: OS::Heat::SoftwareDeployment
+    properties:
+      config: {get_resource: SshHostPubKeyConfig}
+      server: {get_param: server}
+
+
+outputs:
+  ecdsa:
+    description: Host ssh public key (ecdsa)
+    value:  {get_attr: [SshHostPubKeyDeployment, ecdsa]}
+  rsa:
+    description: Host ssh public key (rsa)
+    value:  {get_attr: [SshHostPubKeyDeployment, rsa]}
+  ed25519:
+    description: Host ssh public key (ed25519)
+    value:  {get_attr: [SshHostPubKeyDeployment, ed25519]}
diff --git a/extraconfig/tasks/ssh/known_hosts_config.yaml b/extraconfig/tasks/ssh/known_hosts_config.yaml
new file mode 100644
index 00000000..2ebcb63c
--- /dev/null
+++ b/extraconfig/tasks/ssh/known_hosts_config.yaml
@@ -0,0 +1,36 @@
+heat_template_version: ocata
+description: 'SSH Known Hosts Config'
+
+parameters:
+  known_hosts:
+    type: string
+
+resources:
+
+  SSHKnownHostsConfig:
+    type: OS::Heat::SoftwareConfig
+    properties:
+      group: script
+      inputs:
+        - name: known_hosts
+          default: {get_param: known_hosts}
+      config: |
+        #!/bin/bash
+        set -eux
+        set -o pipefail
+
+        echo "Creating ssh known hosts file"
+
+        if [ ! -z "${known_hosts}" ]; then
+          echo "${known_hosts}"
+          echo -ne "${known_hosts}" > /etc/ssh/ssh_known_hosts
+          chmod 0644 /etc/ssh/ssh_known_hosts
+        else
+          rm -f /etc/ssh/ssh_known_hosts
+          echo "No ssh known hosts"
+        fi
+
+outputs:
+  OS::stack_id:
+    description: The SSHKnownHostsConfig resource.
+    value: {get_resource: SSHKnownHostsConfig}
\ No newline at end of file