Make provision/remote role safe to include statically
Currently including the provision/remote role without intending to actually use it will break if the {{ virt_host_key }}.pub file does not exist. Ideally, we would be able to include it dynamically so that the tasks are not evaluated at compile time, but instead only if they are run. This would require a pretty large refactor though, because playbooks can not be included dynamically. Instead, we can make sure to have a default for the lookup so that it will not fail to evaluate. The task would still fail to run if the lookup falls back to the default, so we wont hide issues with the key not existing with this change. Change-Id: I347de079ada7c7b82f2f7affafa97f95c8029a3f
This commit is contained in:
parent
ca4c061df7
commit
6eefa304ad
|
@ -102,9 +102,7 @@
|
|||
- name: Add virt power key to root authorized keys if using qemu:///system
|
||||
authorized_key:
|
||||
user: root
|
||||
key: "{{ item }}"
|
||||
with_file:
|
||||
- "{{ virt_power_key }}.pub"
|
||||
key: "{{ lookup('file', virt_power_key|quote + '.pub')|default('') }}"
|
||||
when: libvirt_uri == "qemu:///system"
|
||||
|
||||
# Copy the public key to `$HOME/.ssh/authorized_keys` for the `root`
|
||||
|
|
|
@ -35,15 +35,11 @@
|
|||
- name: Read virt_power private key
|
||||
no_log: True
|
||||
set_fact:
|
||||
virt_power_key_pvt: "{{ item }}"
|
||||
with_file:
|
||||
- "{{ virt_power_key }}"
|
||||
virt_power_key_pvt: "{{ lookup('file', virt_power_key)|default('') }}"
|
||||
|
||||
- name: add virt_power_key to remote authorized_keys
|
||||
authorized_key:
|
||||
user: "{{ ansible_user_id }}"
|
||||
key: "{{ item }}"
|
||||
key: "{{ lookup('file', virt_power_key|quote + '.pub')|default('') }}"
|
||||
manage_dir: true
|
||||
with_file:
|
||||
- "{{ virt_power_key }}.pub"
|
||||
|
||||
|
|
|
@ -57,9 +57,7 @@
|
|||
- name: Configure non-root user authorized_keys
|
||||
authorized_key:
|
||||
user: "{{ ssh_user }}"
|
||||
key: "{{ item }}"
|
||||
with_file:
|
||||
- "{{ virt_host_key }}.pub"
|
||||
key: "{{ lookup('file', virt_host_key|quote + '.pub')|default('') }}"
|
||||
become: true
|
||||
|
||||
- name: Ensure polkit packages are installed
|
||||
|
|
Loading…
Reference in New Issue