redhat-performance
Add Public SSH Keys to New Cloud Assignments Automatically
This is an RFE to add users public SSH keys to new assignments automatically via QUADS during bin/move-and-rebuild-host.sh. This would require an open git repository where users can store their intended public SSH keys named username.pub. If either the --cloud-owner or any of the --cc-users for a particular environment match any of the keys in place then it will copy them onto all their hosts.
Right now we have a playbook that tenants can utilize to copy keys but this will make things more seamless out of the box (and avoid hard coding uneccesary/irrelevant keys in Foreman)
https://github.com/redhat-performance/ops-tools/tree/master/ansible/copy-ssh-keys
We could use something like this: https://gist.github.com/grafuls/f279239c8bfe478020c266febeb37c79
We could use something like this: https://gist.github.com/grafuls/f279239c8bfe478020c266febeb37c79
Probably we don't even need this as QUADS host will have keys on all newly provisioned hosts due to Foreman.
We'd really just need some bare-bones ssh-copy-id like functionality with some sorting code that compares username.pub in a git repo with the output of either /opt/quads/bin/quads-cli --ls-owners and /opt/quads/bin/quads-cli --ls-cc-users and if any match for a particular cloud it copies out to all the systems listed in --cloud-only cloud0X.
As we have an anonymous git repo on Gitlab to store keys that anyone inside our VPN can clone and push to all that's required then is tenants copy their public key once for the lifetime of their key or employment to get them ferried out to systems for them for any future assignments.
Updated here: the bits @grafuls put together for this tool here should be a good entry-point into having quads do this for us:
https://github.com/redhat-performance/ops-tools/blob/master/misc-tools/paramiko-copy-ssh-key.py
This can be done with 1.0 branch also but we'll need to add python-paramiko.noarch for EL7/Fedora for the RPM spec so that's satisfied.