Make the Gerrit SSH key configurable

Make it possible to provide an SSH key for the jenkins user on slave
hosts, rather than expecting it to be manually provided. This is
useful for long-lived slaves which need to SSH into Gerrit for
proposing new changes or pushing tags.

Change-Id: Id07bd1e9f08f2d7c7ea6653867d7440a8ade6ee6

manifests/jenkinsuser.pp

@@ -6,6 +6,8 @@ class jenkins::jenkinsuser(
   $gitfullname = 'OpenStack Jenkins',
   $gitemail = 'jenkins@openstack.org',
   $gerrituser = 'jenkins',
+  $gerritkeytype = 'rsa',
+  $gerritkey = undef,
 ) {
 
   group { 'jenkins':
@@ -65,6 +67,17 @@ class jenkins::jenkinsuser(
     require => File['/home/jenkins/.ssh'],
   }
 
+  if $gerritkey != undef {
+    file { "/home/jenkins/.ssh/id_${gerritkeytype}":
+      ensure  => 'file',
+      owner   => 'jenkins',
+      group   => 'jenkins',
+      mode    => '0600',
+      content => $gerritkey,
+      require => File['/home/jenkins/.ssh'],
+    }
+  }
+
   #NOTE: not all distributions have default bash files in /etc/skel
   if ($::osfamily == 'Debian') {
 

manifests/slave.pp

@@ -6,6 +6,8 @@ class jenkins::slave(
   $gitfullname = 'OpenStack Jenkins',
   $gitemail = 'jenkins@openstack.org',
   $gerrituser = 'jenkins',
+  $gerritkeytype = 'rsa',
+  $gerritkey = undef,
 ) {
 
   include ::haveged
@@ -14,11 +16,13 @@ class jenkins::slave(
 
   if ($user == true) {
     class { '::jenkins::jenkinsuser':
-      ensure      => present,
-      ssh_key     => $ssh_key,
-      gitfullname => $gitfullname,
-      gitemail    => $gitemail,
-      gerrituser  => $gerrituser,
+      ensure        => present,
+      ssh_key       => $ssh_key,
+      gitfullname   => $gitfullname,
+      gitemail      => $gitemail,
+      gerrituser    => $gerrituser,
+      gerritkeytype => $gerritkeytype,
+      gerritkey     => $gerritkey,
     }
   }