blob: a4fb44b056ac8b80f8a559abf8cd6498321ed240 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
: Copyright (c) 2017 Mirantis Inc., Enea AB and others.
:
: All rights reserved. This program and the accompanying materials
: are made available under the terms of the Apache License, Version 2.0
: which accompanies this distribution, and is available at
: http://www.apache.org/licenses/LICENSE-2.0
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
From: Charalampos Kominos <Charalampos.Kominos@enea.com>
Date: Sat, 5 Aug 2017 02:03:01 +0200
Subject: [PATCH] maas: region: use authorized_keys 1st entry
MaaS custom py modules accepts the "sshprefs" variable via pillar,
however we want to read it from ~ubuntu/.ssh/authorized_keys.
Bypass the py module and call MaaS CLI directly, passing the first
authorized key, which should be mcp.rsa.pub.
Signed-off-by: Charalampos Kominos <Charalampos.Kominos@enea.com>
---
diff --git a/maas/region.sls b/maas/region.sls
--- a/maas/region.sls
+++ b/maas/region.sls
@@ -242,12 +242,16 @@
- require:
- module: maas_config
-{%- if region.get('sshprefs', False) %}
maas_sshprefs:
- module.run:
- - name: maas.process_sshprefs
+# NOTE(armband): maas.process_sshprefs also works, but we need to read the key
+# from authorized_keys. Should be reworked at some point.
+# module.run:
+# - name: maas.process_sshprefs
+# - require:
+ cmd.run:
+ - name: "maas login {{ region.admin.username }} http://{{ region.bind.host }}:5240/MAAS/api/2.0 - < /var/lib/maas/.maas_credentials && SSH_KEY=$(cat authorized_keys | head -1) && (maas opnfv sshkeys read | grep -q \"$SSH_KEY\" || maas opnfv sshkeys create \"key=$SSH_KEY\")"
+ - cwd: "/home/ubuntu/.ssh"
- require:
- module: maas_config
-{%- endif %}
{%- endif %}
|