From 695a881515c40e29fc12eb5003e0f3682bc4d64b Mon Sep 17 00:00:00 2001
From: "wu.zhihui" <wu.zhihui1@zte.com.cn>
Date: Mon, 20 Mar 2017 10:52:49 +0800
Subject: mistaken delete usefuel public key

Previously, cleanup_creds.sh will delete public keys which of
comment info is "root@$hostname". It could delete useful keys
by accident. In this patch, cleanup_creds.sh will only delete
the key which matches the key's content.

JIRA: QTIP-228

Change-Id: I1095de656570b816b7e170688acd01c27b98e74c
Signed-off-by: wu.zhihui <wu.zhihui1@zte.com.cn>
(cherry picked from commit eaa225cf0c9b8b7bc63b35acdeef75dbacb8b905)
---
 qtip/scripts/cleanup_creds.sh |  4 ++--
 qtip/util/env.py              | 18 ++++++++++++------
 2 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/qtip/scripts/cleanup_creds.sh b/qtip/scripts/cleanup_creds.sh
index 1a7ddc1a..ad66ba95 100755
--- a/qtip/scripts/cleanup_creds.sh
+++ b/qtip/scripts/cleanup_creds.sh
@@ -10,11 +10,11 @@
 
 DEST_IP=$1
 PRIVATE_KEY=$2
-HOSTNAME=$(hostname)
+PUBLIC_KEY=$3
 sshoptions="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"
 
 case "$INSTALLER_TYPE" in
     fuel)
-        ssh $sshoptions -i $PRIVATE_KEY root@$DEST_IP "sed -i '/root@$HOSTNAME/d' /root/.ssh/authorized_keys"
+        ssh $sshoptions -i $PRIVATE_KEY root@$DEST_IP "sed -i '/$PUBLIC_KEY/d' /root/.ssh/authorized_keys"
         ;;
 esac
diff --git a/qtip/util/env.py b/qtip/util/env.py
index d00320c4..e666894a 100644
--- a/qtip/util/env.py
+++ b/qtip/util/env.py
@@ -94,7 +94,8 @@ class AnsibleEnvSetup(object):
         if not all_files_exist(PRIVATE_KEY, PUBLIC_KEY):
             logger.info("Generate default keypair {0} under "
                         "{1}".format(KEYNAME, os.environ['HOME']))
-            cmd = '''ssh-keygen -t rsa -N "" -f {0} -q -b 2048'''.format(PRIVATE_KEY)
+            cmd = '''ssh-keygen -t rsa -N "" -f {0} -q -b 2048
+                  -C qtip@insecure'''.format(PRIVATE_KEY)
             os.system(cmd)
         self.keypair['private'] = PRIVATE_KEY
         self.keypair['public'] = PUBLIC_KEY
@@ -195,11 +196,16 @@ class AnsibleEnvSetup(object):
         if CI_DEBUG:
             logger.info("DEBUG Mode: please do cleanup by manual.")
         else:
-            for ip in self.host_ip_list:
-                logger.info("Cleanup authorized_keys from {0}...".format(ip))
-                cmd = 'bash {0}/cleanup_creds.sh {1} {2}'.format(
-                    SCRIPT_DIR, ip, self.keypair['private'])
-                os.system(cmd)
+            with open(self.keypair['public'], 'r') as f:
+                key = f.read().strip('\n').replace('/', '\/')
+            if key:
+                for ip in self.host_ip_list:
+                    logger.info("Cleanup authorized_keys from {0}...".format(ip))
+                    cmd = '''bash {0}/cleanup_creds.sh {1} {2} "{3}"'''.format(
+                        SCRIPT_DIR, ip, self.keypair['private'], key)
+                    os.system(cmd)
+            else:
+                logger.error("Nothing in public key file.")
 
             logger.info("Cleanup hostfile and keypair.")
             clean_file(self.hostfile,
-- 
cgit 1.2.3-korg