ansible: Deploy public key for lava-master-03 to cloud06

When ansible is rerun against cloud06, the public key for the root
user of lava-master-03 was being removed, causing lava jobs to fail as
they could not connect to run virsh commands.

C.f. https://lava-master-03.internal.efficios.com/scheduler/job/502#action_2-3-1-1

Change-Id: I7b7986fa34d8925468ed962c598f73c0bd78b823

diff --git a/automation/ansible/host_vars/cloud06.internal.efficios.com.yml b/automation/ansible/host_vars/cloud06.internal.efficios.com.yml
new file mode 100644 (file)
index 0000000..4aff994
--- /dev/null
+++ b/automation/ansible/host_vars/cloud06.internal.efficios.com.yml
@@ -0,0 +1,4 @@
+---
+extra_root_ssh_authorized_keys:
+  # yamllint disable-line rule:line-length
+  - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILmmI2pn+ncFKm/fOS5+RskBGnhbMd0p399ZWEKLUQ+Q lava-master-03'

diff --git a/automation/ansible/roles/common/tasks/main.yml b/automation/ansible/roles/common/tasks/main.yml
index 61ee1ee329f4ee9aea022c19450281ede74847ba..d901cf034f5d0094d27502c9cc852d106decf34c 100644 (file)
--- a/automation/ansible/roles/common/tasks/main.yml
+++ b/automation/ansible/roles/common/tasks/main.yml
@@ -27,7 +27,7 @@
 - name: Set up authorized_keys for the root user
   authorized_key:
     user: 'root'
-    key: "{% for key in query('fileglob', 'public_keys/*.pub') %}{{ lookup('file', key) ~ '\n'}}{% endfor %}"
+    key: "{% for key in query('fileglob', 'public_keys/*.pub') %}{{ lookup('file', key) ~ '\n'}}{% endfor %}\n{% for key in lookup('vars', 'extra_root_ssh_authorized_keys', default=[]) %}{{ key ~ '\n' }}{% endfor %}"
     exclusive: true
   when: ansible_os_family != 'Windows'