From 5c475d917e1cb3e9826d373dc9e9ee830c221c4f Mon Sep 17 00:00:00 2001
From: Thierry Carrez <thierry@openstack.org>
Date: Wed, 29 May 2013 15:36:42 +0200
Subject: [PATCH] Add releasestatus SSH key

Add an SSH keypair for releasestatus so that it can connect to
review.openstack.org to grab review data. Also add review.o.o
public key to known_hosts.

The data in hiera was already added.

Change-Id: I193dfad5b229a0c193ce35d5a8917b0b3b86c117
Reviewed-on: https://review.openstack.org/30881
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Tested-by: Jenkins
---
 manifests/init.pp | 47 ++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 46 insertions(+), 1 deletion(-)

diff --git a/manifests/init.pp b/manifests/init.pp
index 801e605..3c30d05 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -14,7 +14,11 @@
 #
 # Class: releasestatus
 #
-class releasestatus {
+class releasestatus (
+  $releasestatus_prvkey_contents = '',
+  $releasestatus_pubkey_contents = '',
+  $releasestatus_gerrit_ssh_key = '',
+) {
   if ! defined(Package['python-launchpadlib']) {
     package { 'python-launchpadlib':
       ensure => present,
@@ -54,6 +58,47 @@ class releasestatus {
     require => User['releasestatus'],
   }
 
+  file { '/var/lib/releasestatus/.ssh/':
+    ensure  => directory,
+    owner   => 'releasestatus',
+    group   => 'releasestatus',
+    mode    => '0700',
+    require => File['/var/lib/releasestatus'],
+  }
+
+  if $releasestatus_prvkey_contents != '' {
+    file { '/var/lib/releasestatus/.ssh/id_rsa':
+      owner   => 'releasestatus',
+      group   => 'releasestatus',
+      mode    => '0600',
+      content => $releasestatus_prvkey_contents,
+      replace => true,
+      require => File['/var/lib/releasestatus/.ssh/']
+    }
+  }
+
+  if $releasestatus_pubkey_contents != '' {
+    file { '/var/lib/releasestatus/.ssh/id_rsa.pub':
+      owner   => 'releasestatus',
+      group   => 'releasestatus',
+      mode    => '0600',
+      content => $releasestatus_pubkey_contents,
+      replace => true,
+      require => File['/var/lib/releasestatus/.ssh/']
+    }
+  }
+
+  if $releasestatus_gerrit_ssh_key != '' {
+    file { '/var/lib/releasestatus/.ssh/known_hosts':
+      owner   => 'releasestatus',
+      group   => 'releasestatus',
+      mode    => '0600',
+      content => "review.openstack.org ${releasestatus_gerrit_ssh_key}",
+      replace => true,
+      require => File['/var/lib/releasestatus/.ssh/']
+    }
+  }
+
   vcsrepo { '/var/lib/releasestatus/releasestatus':
     ensure   => latest,
     provider => git,