majic-ansible-roles Changeset

Changeset - f0ffcf83f46a

Parent rev.

Child rev.

[Not reviewed]

0 5 0

Branko Majic (branko) - 5 years ago 2020-10-01 22:59:53
branko@majic.rs

MAR-155: Make the ansible_key parameter in the bootstrap role mandatory:

- Updated the preseed role.
- Removed default value for the parameter.
- Updated tests.
- Updated role reference documentation.
- Updated release notes.

5 files changed with 9 insertions and 5 deletions:

docs/releasenotes.rst

docs/rolereference.rst

roles/bootstrap/defaults/main.yml

roles/bootstrap/molecule/default/group_vars/parameters-mandatory.yml

roles/bootstrap/molecule/default/tests/test_parameters_mandatory.py

0 comments (0 inline, 0 general)

docs/releasenotes.rst

➞

Show inline comments

@@ @@ -20,12 +20,16 @@ Breaking changes: @@
   * Support for Debian 8 Jessie has been dropped.
   * Common parameters ``tls_private_key_dir`` and
     ``tls_certificate_dir`` are no longer used.
   * TLS private key and certificate parameters are now mandatory.
 * ``bootstrap`` role
   * Parameter ``ansible_key`` is now mandatory.
 * ``mail_forwarder`` role
   * Use 2048-bit Diffie-Hellman parameters for relevant TLS
     ciphers. This could introduce incompatibility with older
     clients/servers trying to connect to the SMTP server.

docs/rolereference.rst

➞

Show inline comments

@@ @@ -188,13 +188,13 @@ The role implements the following: @@
   process.
 Parameters
 ~~~~~~~~~~
-**ansible_key** (string, optional, ``{{ lookup('file', '~/.ssh/id_rsa.pub') }}``)
+**ansible_key** (string, mandatory)
   SSH public key that should be deployed to authorized_keys truststore for
   operating system user ``ansible``.
 Distribution compatibility
 ~~~~~~~~~~~~~~~~~~~~~~~~~~

roles/bootstrap/defaults/main.yml

➞

Show inline comments

		---

		ansible_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"

roles/bootstrap/molecule/default/group_vars/parameters-mandatory.yml

➞

Show inline comments

		---

		ansible_key: "{{ lookup('file', 'tests/data/ansible_key.pub') }}"

roles/bootstrap/molecule/default/tests/test_parameters_mandatory.py

➞

Show inline comments

@@ @@ -11,13 +11,13 @@ def test_authorized_keys(host): @@
     """
     Tests if Ansible user authorized_keys has been set-up correctly.
     """
     with host.sudo():
-        ssh_key = open(os.path.expanduser('~/.ssh/id_rsa.pub'), 'r').read().strip()
+        ssh_key = open('tests/data/ansible_key.pub', 'r').read().strip()
         authorized_keys = host.file('/home/ansible/.ssh/authorized_keys')
         assert authorized_keys.is_file
         assert ssh_key in authorized_keys.content_string
@@ @@ -25,9 +25,9 @@ def test_root_authorized_keys(host): @@
     """
     Tests if Ansible key been removed from root's authorized keys.
     """
     with host.sudo():
-        ssh_key = open(os.path.expanduser('~/.ssh/id_rsa.pub'), 'r').read().strip()
+        ssh_key = open('tests/data/ansible_key.pub', 'r').read().strip()
         assert ssh_key not in host.file('/root/.ssh/authorized_keys').content_string

0 comments (0 inline, 0 general)